Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
JaffaCakes118_0107b66daa6a5701c8106fa64a64a0b6
-
Size
220KB
-
Sample
250121-bb5cgsyjet
-
MD5
0107b66daa6a5701c8106fa64a64a0b6
-
SHA1
840baf4942159321585d04d746f9fead4145f408
-
SHA256
553dbf65f6048f3a28ef6e4c9afd9a21de96663919df11aeeb860a3fec0a73e5
-
SHA512
744028c58d259321332ef2a2728912f1046e823d93bc9ba106181657daa302f4bceea99a1148026ae9c7ad1880a3b6863268b3a38f70d8a417ecce6c04d77bf5
-
SSDEEP
3072:j+TWb4ml9VkHpq2zRsvhac4fSZl9lETSZZUF8sqQcD+m5HG55LD0Kuh7f:yY6Psh5vlEmqPqLDZm55Ez
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_0107b66daa6a5701c8106fa64a64a0b6.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
JaffaCakes118_0107b66daa6a5701c8106fa64a64a0b6.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
metasploit
windows/shell_reverse_tcp
122.168.206.28:4957
Targets
-
-
Target
JaffaCakes118_0107b66daa6a5701c8106fa64a64a0b6
-
Size
220KB
-
MD5
0107b66daa6a5701c8106fa64a64a0b6
-
SHA1
840baf4942159321585d04d746f9fead4145f408
-
SHA256
553dbf65f6048f3a28ef6e4c9afd9a21de96663919df11aeeb860a3fec0a73e5
-
SHA512
744028c58d259321332ef2a2728912f1046e823d93bc9ba106181657daa302f4bceea99a1148026ae9c7ad1880a3b6863268b3a38f70d8a417ecce6c04d77bf5
-
SSDEEP
3072:j+TWb4ml9VkHpq2zRsvhac4fSZl9lETSZZUF8sqQcD+m5HG55LD0Kuh7f:yY6Psh5vlEmqPqLDZm55Ez
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-