
General

  • Target

    1c2702cfd4a2effd1b80c416913529d2_JaffaCakes118

  • Size

    170KB

  • Sample

    240701-xrdelaxhnp

  • MD5

    1c2702cfd4a2effd1b80c416913529d2

  • SHA1

    a779fdb5270ee57f820dd4212f992950f09907a3

  • SHA256

    0c369fa4e5d433c3bbbcc83506fcbd15ac59de562ea647de9aa0ad51b1d8880a

  • SHA512

    0b41b087d30a63d4ad9de1ffb44a8f4d57829626a6abcdfdb03810dcdd3aaf869526bd01357c75335e4797949046ba8a596c4e318cbe53d2f2166a723a825497

  • SSDEEP

    3072:jt8XV6M5+9eWGConAb6X1jbkdnRmpwa9SeQvFFxGP8sTe51GLhxioutSy:RQ66SGCo59kdRla9pQtqRem7ioSv

Malware Config

Targets

    • Target

      1c2702cfd4a2effd1b80c416913529d2_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly target data stored by browsers in the user profile, such as saved credentials, cookies and session tokens, and autofill data.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Adds Run key to start application

      Persistence via a value under HKCU or HKLM\Software\Microsoft\Windows\CurrentVersion\Run, which Windows launches at each logon.

    • Suspicious use of SetThreadContext

      SetThreadContext is legitimately used by debuggers; in malware it is a typical step of process hollowing and thread hijacking, where a suspended thread is redirected to injected code.
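
The hash fields in General and the UPX packed file signature above can be checked locally before a sample is submitted. The script below is an added example, not code from tria.ge or from this report: it parses the PE section table without third-party libraries, flags stock UPX section names (UPX0/UPX1/UPX2) or the "UPX!" header magic as a packing heuristic, and compares a file's MD5/SHA1/SHA256 with the values listed in this report. The function names, the UPX_SECTION_NAMES set and the build_fake_pe helper (which constructs a synthetic PE header for offline testing, not the analyzed sample) are this example's own assumptions; tria.ge's actual signature logic is not shown on the page.

```python
import hashlib
import struct

# Hashes copied from the General section of this report.
REPORT_HASHES = {
    "md5": "1c2702cfd4a2effd1b80c416913529d2",
    "sha1": "a779fdb5270ee57f820dd4212f992950f09907a3",
    "sha256": "0c369fa4e5d433c3bbbcc83506fcbd15ac59de562ea647de9aa0ad51b1d8880a",
}

# Section names written by stock UPX. A modified packer may rename them,
# which is why the "UPX!" header magic is checked as a second heuristic.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}


def pe_section_names(data):
    """Return the section names of a PE image, or [] if data is not a PE file.

    Only e_lfanew, the COFF header and the section table are parsed; the
    optional header is skipped using SizeOfOptionalHeader.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    # COFF header after the signature: Machine(2) NumberOfSections(2)
    # TimeDateStamp(4) PointerToSymbolTable(4) NumberOfSymbols(4)
    # SizeOfOptionalHeader(2) Characteristics(2)
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    opt_size = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + opt_size
    names = []
    for i in range(num_sections):
        off = table + i * 40          # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            break                     # truncated section table
        names.append(data[off:off + 8].rstrip(b"\0"))
    return names


def looks_upx_packed(data):
    """Heuristic approximation of the 'UPX packed file' signature."""
    if any(name in UPX_SECTION_NAMES for name in pe_section_names(data)):
        return True
    # UPX stamps the magic "UPX!" into its own header inside the packed file;
    # a tampered sample may strip it, and an unpacked file may contain the
    # string by chance, so this is a heuristic, not proof.
    return b"UPX!" in data


def file_hashes(data):
    """MD5/SHA1/SHA256 in the same hex form as the report's General section."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matches_report(data):
    """True if every hash in REPORT_HASHES agrees with the given bytes."""
    actual = file_hashes(data)
    return all(actual[k] == v for k, v in REPORT_HASHES.items())


def build_fake_pe(section_names):
    """Constructed minimal PE header for offline testing.

    It is not a runnable executable and not the analyzed sample; it only has
    the fields pe_section_names() reads.
    """
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)             # e_lfanew -> 0x40
    opt_size = 0xE0                                     # PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_size, 0x0102)
    table = b"".join(n.ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt_size) + table


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            data = f.read()
    else:
        data = build_fake_pe([b"UPX0", b"UPX1", b".rsrc"])
    print("sections:", pe_section_names(data))
    print("upx packed:", looks_upx_packed(data))
    print("matches report hashes:", matches_report(data))
```

Run it as `python upxcheck.py sample.bin`; with no argument it exercises the synthetic header. A match on all three report hashes confirms you are looking at the same file as this report; a UPX hit only tells you the file should be unpacked (for example with `upx -d` on a copy) before static analysis, since the visible section table of a packed file says little about the payload.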

MITRE ATT&CK Enterprise v15

Tasks