Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    e39d38b6f0d0de7585002df56692171b_JaffaCakes118

  • Size

    820KB

  • Sample

    240407-afc85afa3y

  • MD5

    e39d38b6f0d0de7585002df56692171b

  • SHA1

    57e71199627f129ca080fa55e0e54955f37dfa8d

  • SHA256

    4fb538e51cfae7a71d252649ba49f6174b40a060ba4c0b448045cf0c31fe0c63

  • SHA512

    1709c19ad39ec60a49e42f4a82eba80f7c03d810e0fad93d3a48b5c2ed6e971182ba58cfd5e11f41838d1165c3704b3e6eadc87339d446ace6ecb3efa4487973

  • SSDEEP

    12288:n7R08SklG6IzynfxKqKqG9sUspo6uXYNSlOD9mZWl9Es0bXIkhclH9MkDeccmsIM:n7WLF6cSVGWUspBDN0iKffKEII

Malware Config

Targets

    • Target

      e39d38b6f0d0de7585002df56692171b_JaffaCakes118

    • Size

      820KB

    • MD5

      e39d38b6f0d0de7585002df56692171b

    • SHA1

      57e71199627f129ca080fa55e0e54955f37dfa8d

    • SHA256

      4fb538e51cfae7a71d252649ba49f6174b40a060ba4c0b448045cf0c31fe0c63

    • SHA512

      1709c19ad39ec60a49e42f4a82eba80f7c03d810e0fad93d3a48b5c2ed6e971182ba58cfd5e11f41838d1165c3704b3e6eadc87339d446ace6ecb3efa4487973

    • SSDEEP

      12288:n7R08SklG6IzynfxKqKqG9sUspo6uXYNSlOD9mZWl9Es0bXIkhclH9MkDeccmsIM:n7WLF6cSVGWUspBDN0iKffKEII

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks