General

  • Target

    0df3318d819d9ad6ebd2a967f1e98813_JaffaCakes118

  • Size

    164KB

  • Sample

    240625-nx3f8s1cmj

  • MD5

    0df3318d819d9ad6ebd2a967f1e98813

  • SHA1

    5072f8aed37a42d820ba58472dfc48ba02dad908

  • SHA256

    286c8d67eac594e9b15b554607c9c8a9a3c72cc99c0d7a62e15b74c9ec5a3253

  • SHA512

    2a1366573abcea264470ef34a1c38319db5d65d9260943751943571bd18ba84fc6768d9453b37be8aed843039ff5fff8f365b7fa9fe425d45051207668e3a501

  • SSDEEP

    3072:h8JoE0ABLF7U9/IjKZcg3T4pxyLaQFiAXCgRdAesXGDQghH/cE:UiWFGcg6AiIRuBXAf

Targets

    • Target

      0df3318d819d9ad6ebd2a967f1e98813_JaffaCakes118

    • Modifies WinLogon for persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
