Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    afd5713cbadc2f1ab7dd4a990c53eb32_JaffaCakes118

  • Size

    1.0MB

  • Sample

    240615-xczdhs1clg

  • MD5

    afd5713cbadc2f1ab7dd4a990c53eb32

  • SHA1

    30e851ee22c62cfb7940e5013ce0529f806cfb8b

  • SHA256

    27c965763a68e2c0cc45c4ac7a2192979a71ee1dc7be5a010fa2428c3202277e

  • SHA512

    934d6d7fa10ec1bd7a235b6b2d758c59a96478e867f58760a4f562f98b34299b93c7f35c3930871adb5087fab4573540220cf672565a98dde17ee872e383932f

  • SSDEEP

    24576:yp4sPrS6bOsPKaVmsTqZEJvVpGioL2Nrf4aP3c6:yp44u0OsPxPAEJy92NsOc6

Malware Config

Targets

    • Target

      afd5713cbadc2f1ab7dd4a990c53eb32_JaffaCakes118

    • Size

      1.0MB

    • MD5

      afd5713cbadc2f1ab7dd4a990c53eb32

    • SHA1

      30e851ee22c62cfb7940e5013ce0529f806cfb8b

    • SHA256

      27c965763a68e2c0cc45c4ac7a2192979a71ee1dc7be5a010fa2428c3202277e

    • SHA512

      934d6d7fa10ec1bd7a235b6b2d758c59a96478e867f58760a4f562f98b34299b93c7f35c3930871adb5087fab4573540220cf672565a98dde17ee872e383932f

    • SSDEEP

      24576:yp4sPrS6bOsPKaVmsTqZEJvVpGioL2Nrf4aP3c6:yp44u0OsPxPAEJy92NsOc6

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks