General

  • Target

    4dede04585657972185c523b4a281889_JaffaCakes118

  • Size

    984KB

  • Sample

    240517-b72w8sca32

  • MD5

    4dede04585657972185c523b4a281889

  • SHA1

    bcfcec8578f63204a9dfabd2423b5d4ff5cf63ca

  • SHA256

    9d117fd08c16840b8824c177b0e66fd82ec07a69b96b65f7132f142ae8ea6992

  • SHA512

    d3324f4b4fc93f968ceceb9d15c079b73bcdb6caaeeee4158ad9a3216175bdc5e01e73b99cc61a1f05d35236dee0a16f4a447c344c868cdfd0cd9fd92c18193c

  • SSDEEP

    12288:TePopiYFKOYCTnzbE3gWaBh1S0yagjHMbiZxE/XGchkLSkzQ4tMUQvAwnWlIVD6c:TwYFKOY1gW+hQ0yaC86xcGGkLLkNv

Targets

    • Target

      4dede04585657972185c523b4a281889_JaffaCakes118

    • HawkEye

      HawkEye is a malware kit that has seen continuous development since at least 2013.

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • NirSoft WebBrowserPassView

      Password recovery tool for various web browsers

    • Nirsoft

    • Uses the VBS compiler for execution

    • Accesses Microsoft Outlook accounts

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
