General

  • Target

    018c1c876ead95e84b7b9a081f4592b4_JaffaCakes118

  • Size

    340KB

  • Sample

    240620-a9tszathkl

  • MD5

    018c1c876ead95e84b7b9a081f4592b4

  • SHA1

    9db71ef9a021017abf1874afff0c4d97629211b6

  • SHA256

    9e81e3ade315a3c6faf9adb8144de1335ef232b5f57ee00c237bafcf0c6d7aee

  • SHA512

    1191a58c5395f2c3f5f0a88169bb215ac325a1aa22dad9475157d39b0c29101d22d52c5cc64df89a3e1d23ae95452810ea4a82815e2d76172fa44e0d80115c80

  • SSDEEP

    6144:G0PEtTPkAuAfjlJuj3QjgJ6snJZ/RjY07qVyLOyFTzVxh3VAitO8yb8D/3/:G0m3blK36QhuIOyFHxlAaO8ye3/

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
