General

  • Target

    e2d837bb399845cdec7a19a0834a707e_JaffaCakes118

  • Size

    399KB

  • Sample

    240406-swnznsdc31

  • MD5

    e2d837bb399845cdec7a19a0834a707e

  • SHA1

    7747d21b21f35bbb83b786961d143155dc4308ea

  • SHA256

    b2e8a1fb3f2dd379ad6acdc491c1e14ed31da5edd5cf48d4bb7f65089db6a265

  • SHA512

    4a6cf4fdfddfc3ad0d0b932c0745c0d79af6af345570807a56f64bd5527baf495707414252be58e1a1475e012997f26392a172f4b56739fd93f05ae685fc620d

  • SSDEEP

    12288:hLyF4JA13Wod/tQEv/aEsPfTBT8l6QyIEpU2Wo:hLyF6A3vlttv/a9TBnGn2Wo

Malware Config

Targets

    • Target

      e2d837bb399845cdec7a19a0834a707e_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
