General

  • Target

    85516ef764279fe731ef7e34edad0851_JaffaCakes118

  • Size

    1.5MB

  • Sample

    240530-3qgzaaef6x

  • MD5

    85516ef764279fe731ef7e34edad0851

  • SHA1

    1da7c255b7079a4348add2abb274dc5e7aa7aeeb

  • SHA256

    38010309cc0e426d327b7a7148b994b27b9eee4fb95bce0c81ee48d1e6573ab6

  • SHA512

    dcb9c7900e0a9dcea38185b59b24400d5a8577f97892ca50cfaa3d5d26bcdc936398646400c301326f1272512b8a224f1aeb7666dcb2d3b83c5c0b7bc32166bd

  • SSDEEP

    24576:wUuZTW23/tWJ8J3f9w9SN2ZtCC5l/ae0UZy4VO5WnAstm7Gi/gZeqfxKRE3W6Zk:ITW23/tWJ4VwTtD5lN0UZy4VkWnvch/f

Malware Config

Targets

    • Target

      85516ef764279fe731ef7e34edad0851_JaffaCakes118

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • UPX packed file

      Detects executables packed with UPX or a modified UPX build (an open-source packer). Modified builds frequently rename the UPX0/UPX1 sections and strip the "UPX!" marker, so the absence of those strings alone does not rule UPX out.

    • Adds Run key to start application

      Writes a value under a registry Run key so the program is launched again at user logon (persistence).

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      Calls NtSetInformationThread with the ThreadHideFromDebugger information class, which stops the thread from delivering debug events to an attached debugger (anti-analysis).

    • Suspicious use of SetThreadContext

      Rewrites another thread's register state, including its instruction pointer; commonly seen in process hollowing and other code-injection techniques.

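The "UPX packed file" signature above is tria.ge's own detection; the following is an added example, not code from tria.ge or from the sample, showing how a triage script can reach a comparable verdict from the PE section table alone. It checks three independent UPX indicators (UPX0/UPX1 section names, the "UPX!" stub marker, and the characteristic layout of an empty first section with the entry point in a writable and executable second section) so that a modified UPX build with renamed sections is still caught. The `build_pe` helper constructs minimal header-only test images; those images, the 4 KiB marker scan window and the verdict labels are assumptions made for this example.

```python
import struct

# Section Characteristics flags from the PE/COFF specification
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000


def parse_sections(pe):
    """Return (entry_point_rva, sections) from the headers of a PE image.

    Only the fields needed for the packer heuristics are decoded.
    """
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    nsections = struct.unpack_from("<H", pe, coff + 2)[0]
    opt_size = struct.unpack_from("<H", pe, coff + 16)[0]
    opt = coff + 20
    if struct.unpack_from("<H", pe, opt)[0] not in (0x10B, 0x20B):  # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    entry_rva = struct.unpack_from("<I", pe, opt + 16)[0]
    sections = []
    for i in range(nsections):
        off = opt + opt_size + 40 * i
        name = pe[off:off + 8].rstrip(b"\0").decode("latin-1")
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", pe, off + 8)
        chars = struct.unpack_from("<I", pe, off + 36)[0]
        sections.append({"name": name, "vsize": vsize, "vaddr": vaddr,
                         "rawsize": rawsize, "rawptr": rawptr, "chars": chars})
    return entry_rva, sections


def upx_indicators(pe):
    """Three independent signs of UPX: section names, stub marker, section layout."""
    entry_rva, secs = parse_sections(pe)
    names = any(s["name"].upper().startswith("UPX") for s in secs)
    # Stock UPX writes a packheader beginning with "UPX!" into the header area;
    # scanning the first 4 KiB for it is a heuristic (assumed window), not a format rule.
    marker = b"UPX!" in pe[:4096]
    layout = False
    if len(secs) >= 2:
        first, second = secs[0], secs[1]
        span = max(second["vsize"], second["rawsize"])
        ep_in_second = second["vaddr"] <= entry_rva < second["vaddr"] + span
        rwx_mask = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_WRITE
        rwx = (second["chars"] & rwx_mask) == rwx_mask
        # UPX0 is empty on disk (the unpacked image is written there at run time)
        # and the entry point sits in the writable, executable stub section UPX1.
        layout = first["rawsize"] == 0 and first["vsize"] > 0 and ep_in_second and rwx
    return {"upx_section_names": names, "upx_stub_marker": marker, "packer_layout": layout}


def classify_packing(pe):
    """'upx' for stock or lightly modified UPX, 'packed-unknown' for a UPX-like
    layout with every UPX string removed, 'unpacked' otherwise."""
    ind = upx_indicators(pe)
    if ind["upx_section_names"] or (ind["packer_layout"] and ind["upx_stub_marker"]):
        return "upx"
    if ind["packer_layout"]:
        return "packed-unknown"
    return "unpacked"


def build_pe(section_names, packed_layout, stub_marker):
    """Constructed test image: valid PE32 headers, no section bodies (parser input only)."""
    e_lfanew = 0x80
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    dos += b"\0" * (e_lfanew - len(dos))
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 224, 0x0102)
    entry_rva = 0x11100 if packed_layout else 0x1100  # inside section 1 or section 0
    opt = struct.pack("<HBBIIII", 0x10B, 0, 0, 0, 0, 0, entry_rva)
    opt += b"\0" * (224 - len(opt))
    secs, raw_ptr = b"", 0x400
    for i, name in enumerate(section_names):
        vaddr = 0x1000 if i == 0 else 0x11000 + (i - 1) * 0x2000
        vsize = 0x10000 if i == 0 else 0x2000
        rawsize = 0 if (packed_layout and i == 0) else vsize
        if packed_layout and i == 1:
            chars = 0xE0000040  # code | initialized data | exec | read | write (UPX1)
        elif i == 0:
            chars = 0x60000020  # code | exec | read (.text)
        else:
            chars = 0xC0000040  # initialized data | read | write
        secs += struct.pack("<8sIIII", name.encode("ascii").ljust(8, b"\0"),
                            vsize, vaddr, rawsize, raw_ptr)
        secs += b"\0" * 12 + struct.pack("<I", chars)
        raw_ptr += rawsize
    image = dos + b"PE\0\0" + coff + opt + secs
    if stub_marker:
        image += b"UPX!" + b"\0" * 28
    return image + b"\0" * (0x400 - len(image))


if __name__ == "__main__":
    for label, img in [("stock upx", build_pe(["UPX0", "UPX1", ".rsrc"], True, True)),
                       ("renamed sections", build_pe(["mod0", "mod1", ".rsrc"], True, True)),
                       ("strings stripped", build_pe([".x0", ".x1", ".rsrc"], True, False)),
                       ("plain", build_pe([".text", ".data", ".rsrc"], False, False))]:
        print(label, classify_packing(img), upx_indicators(img))
```

On a real file, read it in binary mode and pass the bytes to `classify_packing`; the layout check is what keeps a renamed-section build from slipping through, while the names and marker checks distinguish stock UPX from an unidentified packer with a similar shape.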
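The "Adds Run key to start application" signature describes a registry write; as an added example (not tria.ge code, and not derived from this sample), the following detection logic runs over constructed Sysmon Event ID 13 (RegistryEvent, value set) records and flags writes to the Run, RunOnce and Policies\Explorer\Run keys. It folds HKU\<SID> hives into HKCU and WOW6432Node into the native key so one rule covers both user and machine persistence, then rates each hit higher when the registered binary lives in a user-writable directory or when the writing process registered itself. The sample events, the set of keys, the directory list and the severity labels are assumptions for this example.

```python
import re

# Autostart keys covered by this check (hive-independent, lower-case, no leading backslash)
AUTORUN_KEYS = {
    r"software\microsoft\windows\currentversion\run",
    r"software\microsoft\windows\currentversion\runonce",
    r"software\microsoft\windows\currentversion\policies\explorer\run",
}
# Sysmon reports per-user hives as HKU\<SID>\...; fold them into HKCU
SID_RE = re.compile(r"^HKU\\S-1-5-21-[\d-]+\\", re.IGNORECASE)
# Directories an unprivileged user can write to; a Run entry pointing there is a red flag
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "\\programdata\\", "\\downloads\\")


def normalize_key(target):
    """Split a Sysmon TargetObject into (hive, key path, value name)."""
    t = SID_RE.sub(r"HKCU\\", target)
    t = re.sub(r"\\wow6432node\\", r"\\", t, flags=re.IGNORECASE)
    hive, _, rest = t.partition("\\")
    key, _, value = rest.rpartition("\\")
    return hive.upper(), key.lower(), value


def executable_from_command(command):
    """Pull the executable path out of a Run value's command line."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    return command.split(" ", 1)[0]


def autorun_value_writes(events):
    """Return one finding per Run-key value set, rated by how suspicious the target is."""
    findings = []
    for ev in events:
        if ev.get("EventType") != "SetValue":
            continue
        hive, key, value = normalize_key(ev["TargetObject"])
        if key not in AUTORUN_KEYS:
            continue
        exe = executable_from_command(ev.get("Details", ""))
        exe_l = exe.lower()
        reasons = []
        if any(d in exe_l for d in USER_WRITABLE):
            reasons.append("target in user-writable directory")
        if exe_l == ev.get("Image", "").lower():
            reasons.append("process registered itself")
        findings.append({
            "hive": hive, "value": value, "executable": exe,
            "writer": ev.get("Image", ""),
            "severity": "high" if reasons else "medium",
            "reasons": reasons,
        })
    return findings


# Constructed Sysmon Event ID 13 records for this example, not real telemetry
SAMPLE_EVENTS = [
    {"EventType": "SetValue",
     "Image": r"C:\Users\victim\AppData\Roaming\svchost.exe",
     "TargetObject": r"HKU\S-1-5-21-1234567890-1234567890-1234567890-1001\Software\Microsoft\Windows\CurrentVersion\Run\WinUpdate",
     "Details": r"C:\Users\victim\AppData\Roaming\svchost.exe"},
    {"EventType": "SetValue",
     "Image": r"C:\Program Files (x86)\Vendor\setup.exe",
     "TargetObject": r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\VendorTray",
     "Details": r'"C:\Program Files (x86)\Vendor\tray.exe" /background'},
    {"EventType": "SetValue",
     "Image": r"C:\Program Files (x86)\Vendor\setup.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vendor\DisplayName",
     "Details": "Vendor Suite 2.1"},
    {"EventType": "DeleteValue",
     "Image": r"C:\Windows\regedit.exe",
     "TargetObject": r"HKU\S-1-5-21-1234567890-1234567890-1234567890-1001\Software\Microsoft\Windows\CurrentVersion\Run\OldTool",
     "Details": ""},
]

if __name__ == "__main__":
    for finding in autorun_value_writes(SAMPLE_EVENTS):
        print(finding)
```

The Uninstall-key write in the sample set is deliberately left alone: it is installer bookkeeping, and reads of that key (the "Checks installed software" behaviour) are not something value-set events record at all, so they need a different data source such as sandbox API traces.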
MITRE ATT&CK Enterprise v15

Tasks