General

  • Target

    050117325a870535be0e3637a45d1ba5_JaffaCakes118

  • Size

    992KB

  • Sample

    240620-l4c4ta1gpd

  • MD5

    050117325a870535be0e3637a45d1ba5

  • SHA1

    c67a1618d33f34abfbf27da9e81d287c3df69dd9

  • SHA256

    1c7ee8dbc5f66a40b1b3a8a185be1c19d27541ef1c4f95938d0d71a3f07d768b

  • SHA512

    36102514fedd907b72142bed5869ec256dd2e530878544530299f1111e8da6174b54e2b617e9ce6e6ac3a7adc2aea31cd7308a271752f9e9b2a858f3f6fb3beb

  • SSDEEP

    12288:Qz9/32XvY6CD6zzXGytE0/OJKG+UlIKfJuUKo1nWjhStiSbUccDJIwsrome:U9vesuzzXGyO0/OJKiICuUKtYcwUccHx

Targets

    • Target

      050117325a870535be0e3637a45d1ba5_JaffaCakes118

    • Size

      992KB

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Nirsoft

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Accesses Microsoft Outlook accounts

    • Suspicious use of SetThreadContext
