Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    f6f06ba0dfdb25f6629ef4f9b0fdd157_JaffaCakes118

  • Size

    5.8MB

  • Sample

    240418-a7teesdg62

  • MD5

    f6f06ba0dfdb25f6629ef4f9b0fdd157

  • SHA1

    51f72832dc8bcc027581be1df2ce37852069c962

  • SHA256

    db104e2c9ac2bb20624e378b8b7b895b8373917b86bb613ed2dc7f2de85ed425

  • SHA512

    e6e9e12f9eb6584cab588a2b16069f5262f98ba8cf8bb2846b4a474ddee20f55615d2c77ea598ae15f6c887574974b54bf45144a51f6163ae025cda30c75d332

  • SSDEEP

    98304:z4R9xJWClCgV2VMqnstLEtQek8IDQa2cPK8Zpig:z4TPCgV2VMqnhuek8uQVCKc

Malware Config

Targets

    • Target

      f6f06ba0dfdb25f6629ef4f9b0fdd157_JaffaCakes118

    • Size

      5.8MB

    • MD5

      f6f06ba0dfdb25f6629ef4f9b0fdd157

    • SHA1

      51f72832dc8bcc027581be1df2ce37852069c962

    • SHA256

      db104e2c9ac2bb20624e378b8b7b895b8373917b86bb613ed2dc7f2de85ed425

    • SHA512

      e6e9e12f9eb6584cab588a2b16069f5262f98ba8cf8bb2846b4a474ddee20f55615d2c77ea598ae15f6c887574974b54bf45144a51f6163ae025cda30c75d332

    • SSDEEP

      98304:z4R9xJWClCgV2VMqnstLEtQek8IDQa2cPK8Zpig:z4TPCgV2VMqnhuek8uQVCKc

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks