Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
JaffaCakes118_007f1600b0a0777c591f415db8ec29a3
-
Size
526KB
-
Sample
250120-2xnjzatnaw
-
MD5
007f1600b0a0777c591f415db8ec29a3
-
SHA1
76bc884c55c46fa51b804dfc5f6d5a0a2135b9a2
-
SHA256
cb7c957512e28316854bf79037d88cdd7e349f43340d80ba53668e7974a4cb82
-
SHA512
b2656f206e161888fe3f798bf757ab6cd95b49424da6219d70ae866e1db52f3f826bb5c647a510b4c9e78d1bc2db05e67b40763b04ffdf3a8818fed1e04bddc4
-
SSDEEP
12288:SHN3d5HDR40EFZjLDLuluC89Ew5nph2rxxnew80aEL1c0nb4auvhGzY:SHv5jRfEnXiuB9cDeCaERh4a98
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
JaffaCakes118_007f1600b0a0777c591f415db8ec29a3
-
Size
526KB
-
MD5
007f1600b0a0777c591f415db8ec29a3
-
SHA1
76bc884c55c46fa51b804dfc5f6d5a0a2135b9a2
-
SHA256
cb7c957512e28316854bf79037d88cdd7e349f43340d80ba53668e7974a4cb82
-
SHA512
b2656f206e161888fe3f798bf757ab6cd95b49424da6219d70ae866e1db52f3f826bb5c647a510b4c9e78d1bc2db05e67b40763b04ffdf3a8818fed1e04bddc4
-
SSDEEP
12288:SHN3d5HDR40EFZjLDLuluC89Ew5nph2rxxnew80aEL1c0nb4auvhGzY:SHv5jRfEnXiuB9cDeCaERh4a98
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Loads dropped DLL
-
Drops file in System32 directory
-