General

  • Target

    2f0aaee99e8411db8265db84227af6be_JaffaCakes118.exe

  • Size

    3.0MB

  • Sample

    240505-k1deqsdb3s

  • MD5

    2f0aaee99e8411db8265db84227af6be

  • SHA1

    c7c26070b9e3bc5e0cbdd225ed9c1da43c565482

  • SHA256

    777bb88f0340d9c3be6ce71ca561f7a7e8d0f372cb745d6ccfbe6a18a7fa345c

  • SHA512

    fb1239e27f9531eb7ecaa3a7550eff61889cec37b47ba4e74dc6ca38176a6c377873aab43afd73a99d768021320e76984142d0d38b0713f15b0a8d7bd72f1280

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBIB/bSqz8b6LNX:sxX7QnxrloE5dpUpDbVz8eLF

Targets

    • Target

      2f0aaee99e8411db8265db84227af6be_JaffaCakes118.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
