Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    273f63acd1e6de586e56a80e62b7f7cf_JaffaCakes118

  • Size

    1019KB

  • Sample

    240508-3lx5psgb99

  • MD5

    273f63acd1e6de586e56a80e62b7f7cf

  • SHA1

    ed2d65ce1aa1b938101a8c3d7383496ae740fd17

  • SHA256

    35beb23996aba5b18b898a9898a6df9b6ef2d4f08bd9293a305374d6760072fa

  • SHA512

    73255409268d58c3af3e0288c283c0476ea5b58014c633264b70e6aa6ec936b669bc3686910547e39e12f8ac404b4371aa260a2159720018efcf6fb076198006

  • SSDEEP

    24576:1OAQRKWoXbyyRLckBTyAp5m3tAplw2VKqZwwz4buQbJLubOOubCYTPYrxuHwM4hw:1OpR8rb7IAJ2XajniCxQwAXXX

Malware Config

Targets

    • Target

      273f63acd1e6de586e56a80e62b7f7cf_JaffaCakes118

    • Size

      1019KB

    • MD5

      273f63acd1e6de586e56a80e62b7f7cf

    • SHA1

      ed2d65ce1aa1b938101a8c3d7383496ae740fd17

    • SHA256

      35beb23996aba5b18b898a9898a6df9b6ef2d4f08bd9293a305374d6760072fa

    • SHA512

      73255409268d58c3af3e0288c283c0476ea5b58014c633264b70e6aa6ec936b669bc3686910547e39e12f8ac404b4371aa260a2159720018efcf6fb076198006

    • SSDEEP

      24576:1OAQRKWoXbyyRLckBTyAp5m3tAplw2VKqZwwz4buQbJLubOOubCYTPYrxuHwM4hw:1OpR8rb7IAJ2XajniCxQwAXXX

    • Detect Neshta payload

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks