General

  • Target

    4bbd442d3516c9b4ca06ea218ce95ad3_JaffaCakes118

  • Size

    128KB

  • Sample

    240516-sqs2faah87

  • MD5

    4bbd442d3516c9b4ca06ea218ce95ad3

  • SHA1

    03a9385f7c293ae35b28b4b7f6e1284a656034f8

  • SHA256

    b25d305b5a2a8617f78454eea884183cbeed10353f47701d23df6f6e5f9e53a3

  • SHA512

    5217186acf70dd0c3f4ce17b2955e7c2a810a6e4b40232a27806169b432374cf9de87635647b82c915cfaa29fe4b0f307e1f89dbc53b01e71bddc89a6186e414

  • SSDEEP

    1536:ULXB65939tY6HBg4sXJSiwhKKS20Ub2nLnVj1KxSmiwGOcVf2/O12C:ULk395hYXJSiZKoHLnux5i05O12C

Malware Config

Targets

    • Downloads MZ/PE file

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks