Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
JaffaCakes118_34591d679ebcda6b3a01d4ded39697b4
-
Size
78KB
-
Sample
250106-xfbfvswmgl
-
MD5
34591d679ebcda6b3a01d4ded39697b4
-
SHA1
0700d95966b55257b6b07554312bb10c54e130fe
-
SHA256
2885c1ea24661195291f87aa2b2bf673d2ee0ae80cda8f53d8415a0382f20d5f
-
SHA512
0202b5a4b082e552008bebcc55ca5088a74662d42719f534b6568faf44e1f044266d2c9208a0bd1abd9fa91a3a721e2cc957eed51cbcb00a12bb266b3db63ffb
-
SSDEEP
1536:w5jSYLT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQti67a9/q1Da:w5jS+E2EwR4uY41HyvYja9/B
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_34591d679ebcda6b3a01d4ded39697b4.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_34591d679ebcda6b3a01d4ded39697b4.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
JaffaCakes118_34591d679ebcda6b3a01d4ded39697b4
-
Size
78KB
-
MD5
34591d679ebcda6b3a01d4ded39697b4
-
SHA1
0700d95966b55257b6b07554312bb10c54e130fe
-
SHA256
2885c1ea24661195291f87aa2b2bf673d2ee0ae80cda8f53d8415a0382f20d5f
-
SHA512
0202b5a4b082e552008bebcc55ca5088a74662d42719f534b6568faf44e1f044266d2c9208a0bd1abd9fa91a3a721e2cc957eed51cbcb00a12bb266b3db63ffb
-
SSDEEP
1536:w5jSYLT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQti67a9/q1Da:w5jS+E2EwR4uY41HyvYja9/B
-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-