
General

  • Target

    18cc65990e94df38c053d6c0d436e914_JaffaCakes118

  • Size

    360KB

  • Sample

    240628-e84zrs1gjd

  • MD5

    18cc65990e94df38c053d6c0d436e914

  • SHA1

    687ce348730a459d1400cdb5e9d7883c7c88ba9d

  • SHA256

    74cd7d777f135b0ba053a1d3646400f8de414bd9763945204d1f544c605ba3ff

  • SHA512

    6b9064086fadc9decaff20393c10df129345ce3c357332976dd3db445324a3cfceeead3df10db61be84a49580d7dba4e0cc9519b546c49bba77002109f023a1f

  • SSDEEP

    6144:PE8p3s56FYIfUPq/DNAs0TJ3AkpRa5nOdaXzM6CRY0cehlj5qOBCHjEoqKc7W0uX:c8p3s6UeyrNFpkpXAC0co5qECHMwf

Malware Config

Targets

    • Target

      18cc65990e94df38c053d6c0d436e914_JaffaCakes118


    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with the ACProtect packer (versions 1.3x to 1.4x).

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials, cookies and autofill entries.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Accesses Microsoft Outlook profiles

    • Adds Run key to start application

    • Checks installed software on the system

      Enumerates subkeys of the registry's Uninstall key to list the software installed on the system.

    • Drops file in System32 directory
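The packer signatures in this list (UPX, ACProtect) are static PE findings. The script below is an added example, not code from tria.ge and not derived from this sample: it parses a PE section table by hand and applies three packing heuristics that a practitioner would check before trusting a section-name match alone, since section names are trivially renamed. The PE blobs it inspects are constructed in the script as fixtures; the ACProtect case is not modeled.

```python
import math
import random
import struct

SECTION_HEADER = "<8sIIIIIIHHI"  # IMAGE_SECTION_HEADER, 40 bytes


def shannon_entropy(buf):
    """Bits of entropy per byte; compressed or encrypted data sits near 8.0."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def pe_sections(data):
    """Walk DOS header -> PE signature -> COFF header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    n_sections, = struct.unpack_from("<H", data, e_lfanew + 6)
    opt_size, = struct.unpack_from("<H", data, e_lfanew + 20)
    table = e_lfanew + 24 + opt_size  # section table follows the optional header
    sections = []
    for i in range(n_sections):
        name, vsize, _vaddr, raw_size, raw_ptr = struct.unpack_from("<8sIIII", data, table + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("latin-1"),
            "virtual_size": vsize,
            "raw_size": raw_size,
            "raw": data[raw_ptr:raw_ptr + raw_size],
        })
    return sections


def packer_indicators(data):
    """Return the packing heuristics that fire; an empty list means nothing suspicious."""
    secs = pe_sections(data)
    hits = []
    if any(s["name"].upper().startswith("UPX") for s in secs):
        hits.append("upx_section_names")
    # Packers reserve a first section with no data on disk that the stub unpacks into at runtime.
    if secs and secs[0]["raw_size"] == 0 and secs[0]["virtual_size"] > 0:
        hits.append("first_section_empty_on_disk")
    # Names are easy to change; the entropy of the compressed payload is harder to hide.
    if any(shannon_entropy(s["raw"]) > 7.0 for s in secs if s["raw_size"] >= 256):
        hits.append("high_entropy_section")
    return hits


def build_minimal_pe(sections):
    """Constructed fixture (not a real sample): minimal PE32 with (name, raw_bytes, virtual_size) sections."""
    E_LFANEW = 0x40
    dos = bytearray(E_LFANEW)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, E_LFANEW)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x0102)
    raw_ptr = E_LFANEW + 4 + len(coff) + len(opt) + 40 * len(sections)
    table, payload, vaddr = b"", b"", 0x1000
    for name, raw, vsize in sections:
        table += struct.pack(SECTION_HEADER, name.encode(), vsize, vaddr, len(raw),
                             raw_ptr if raw else 0, 0, 0, 0, 0, 0xE0000020)
        raw_ptr += len(raw)
        vaddr += (max(vsize, 1) + 0xFFF) & ~0xFFF
        payload += raw
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table + payload


_rng = random.Random(20240628)  # deterministic stand-in for compressed payload bytes
PACKED_SAMPLE = build_minimal_pe([
    ("UPX0", b"", 0x20000),
    ("UPX1", bytes(_rng.getrandbits(8) for _ in range(4096)), 0x5000),
    (".rsrc", b"\0" * 512, 0x200),
])
PLAIN_SAMPLE = build_minimal_pe([
    (".text", b"\x55\x8b\xec\xc3" * 256, 0x1000),
    (".data", b"\0" * 512, 0x200),
])

if __name__ == "__main__":
    for label, blob in (("packed", PACKED_SAMPLE), ("plain", PLAIN_SAMPLE)):
        print(label, [s["name"] for s in pe_sections(blob)], packer_indicators(blob))
```

Run it against a real file by passing the file's bytes to packer_indicators. The three heuristics are deliberately independent: a renamed UPX build loses the first indicator but keeps the other two, which is why a single name-based signature is the weakest of the three.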
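The behavioural signatures in this list (Run key persistence, Uninstall key enumeration, Outlook profile access, browser data reads, System32 drops, loading a dropped DLL) can each be reduced to a rule over an API trace. The script below is an added example, not tria.ge's signature engine; the JSON-lines trace format with fields api, target and access is an assumption chosen for the demonstration, and the trace itself is constructed here rather than taken from this sample's run.

```python
import json
import re

# Registry and file-path patterns behind each signature (backslashes are literal in the regexes).
RUN_KEY = re.compile(r"\\CurrentVersion\\Run(Once)?(\\|$)", re.I)
UNINSTALL_KEY = re.compile(r"\\CurrentVersion\\Uninstall(\\|$)", re.I)
OUTLOOK_PROFILES = re.compile(r"\\(Windows Messaging Subsystem\\Profiles|Outlook\\Profiles)(\\|$)", re.I)
BROWSER_DATA = re.compile(r"\\(Login Data|Cookies|Web Data|key4\.db|logins\.json|cookies\.sqlite)$", re.I)
SYSTEM32 = re.compile(r"^[A-Z]:\\Windows\\System32\\", re.I)
WRITE_ACCESS = {"GENERIC_WRITE", "FILE_WRITE_DATA", "FILE_APPEND_DATA"}


def parse_trace(text):
    """One JSON object per line (assumed trace format); blank lines are skipped."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def evaluate(events):
    """Map an API trace to the behavioural signature names used in the report."""
    hits = set()
    dropped = set()  # files this process wrote; a later LoadLibrary on one is a dropped DLL
    for ev in events:
        api = ev.get("api", "")
        target = ev.get("target", "")
        if api == "RegSetValueExW" and RUN_KEY.search(target):
            hits.add("Adds Run key to start application")
        elif api in ("RegOpenKeyExW", "RegEnumKeyExW") and UNINSTALL_KEY.search(target):
            hits.add("Checks installed software on the system")
        elif api == "RegOpenKeyExW" and OUTLOOK_PROFILES.search(target):
            hits.add("Accesses Microsoft Outlook profiles")
        elif api == "CreateFileW":
            if set(ev.get("access", [])) & WRITE_ACCESS:
                dropped.add(target.lower())
                if SYSTEM32.match(target):
                    hits.add("Drops file in System32 directory")
            elif BROWSER_DATA.search(target):
                hits.add("Reads user/profile data of web browsers")
        elif api == "LoadLibraryW" and target.lower() in dropped:
            hits.add("Loads dropped DLL")
    return hits


# Constructed trace for the demonstration; paths and value names are invented.
SAMPLE_TRACE = r"""
{"api": "CreateFileW", "target": "C:\\Users\\victim\\AppData\\Local\\Temp\\helper.dll", "access": ["GENERIC_WRITE"]}
{"api": "LoadLibraryW", "target": "C:\\Users\\victim\\AppData\\Local\\Temp\\helper.dll"}
{"api": "RegOpenKeyExW", "target": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall"}
{"api": "RegEnumKeyExW", "target": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall"}
{"api": "RegSetValueExW", "target": "HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\WinUpdate"}
{"api": "CreateFileW", "target": "C:\\Users\\victim\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data", "access": ["GENERIC_READ"]}
{"api": "RegOpenKeyExW", "target": "HKCU\\SOFTWARE\\Microsoft\\Office\\16.0\\Outlook\\Profiles\\Outlook"}
{"api": "CreateFileW", "target": "C:\\Windows\\System32\\kernel32.dll", "access": ["GENERIC_READ"]}
{"api": "CreateFileW", "target": "C:\\Windows\\System32\\wupdsvc.dll", "access": ["GENERIC_WRITE"]}
"""


def run_sample():
    """Signatures raised by the constructed trace, sorted for stable output."""
    return sorted(evaluate(parse_trace(SAMPLE_TRACE)))


if __name__ == "__main__":
    for name in run_sample():
        print(name)
```

Note the two deliberate non-hits in the trace: a read of kernel32.dll from System32 raises nothing, because only writes under that directory count as a drop, and a LoadLibrary only counts as loading a dropped DLL when the same process was seen writing that path earlier in the trace.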

MITRE ATT&CK Enterprise v15

Tasks