Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
85516ef764279fe731ef7e34edad0851_JaffaCakes118
-
Size
1.5MB
-
Sample
240530-3qgzaaef6x
-
MD5
85516ef764279fe731ef7e34edad0851
-
SHA1
1da7c255b7079a4348add2abb274dc5e7aa7aeeb
-
SHA256
38010309cc0e426d327b7a7148b994b27b9eee4fb95bce0c81ee48d1e6573ab6
-
SHA512
dcb9c7900e0a9dcea38185b59b24400d5a8577f97892ca50cfaa3d5d26bcdc936398646400c301326f1272512b8a224f1aeb7666dcb2d3b83c5c0b7bc32166bd
-
SSDEEP
24576:wUuZTW23/tWJ8J3f9w9SN2ZtCC5l/ae0UZy4VO5WnAstm7Gi/gZeqfxKRE3W6Zk:ITW23/tWJ4VwTtD5lN0UZy4VkWnvch/f
Malware Config
Targets
-
-
Target
85516ef764279fe731ef7e34edad0851_JaffaCakes118
-
Size
1.5MB
-
MD5
85516ef764279fe731ef7e34edad0851
-
SHA1
1da7c255b7079a4348add2abb274dc5e7aa7aeeb
-
SHA256
38010309cc0e426d327b7a7148b994b27b9eee4fb95bce0c81ee48d1e6573ab6
-
SHA512
dcb9c7900e0a9dcea38185b59b24400d5a8577f97892ca50cfaa3d5d26bcdc936398646400c301326f1272512b8a224f1aeb7666dcb2d3b83c5c0b7bc32166bd
-
SSDEEP
24576:wUuZTW23/tWJ8J3f9w9SN2ZtCC5l/ae0UZy4VO5WnAstm7Gi/gZeqfxKRE3W6Zk:ITW23/tWJ4VwTtD5lN0UZy4VkWnvch/f
Score7/10-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-