General

  • Target

    22ff1acf1a6c7ecafdb0d5a686e457d6_JaffaCakes118

  • Size

    169KB

  • Sample

    240703-tn3njaygkb

  • MD5

    22ff1acf1a6c7ecafdb0d5a686e457d6

  • SHA1

    bb8e192ab0e2efedf6d3cc8c9744690c0e26ff5f

  • SHA256

    da1ff72421209a3df6153b87b27f7e1a24e9ad6d2c2cb990fb51bce1cd1c4c9c

  • SHA512

    6f120002ced4ef2fb93e91853660fec44ebc6643d6f29a60cd1524cb9a2ba9560538fef9d822c3207728bac7a148f495e1926f3649e33fbf36d48f637af9afa8

  • SSDEEP

    3072:XbUsNSk+dpN2goBw69Non3iXMtvWJqRAq5e7G7VO8rhJZz2UXEvEr9RGBkuu46:AvjN2rnSyXYWf7+VOqh1XEvE9RF46

Targets

    • Target

      22ff1acf1a6c7ecafdb0d5a686e457d6_JaffaCakes118

    • Size

      169KB

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

    • Adds Run key to start application
