Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    3b3c19e3fac4b69c8ebffafb7043c5bd_JaffaCakes118

  • Size

    862KB

  • Sample

    240711-31vm5asemf

  • MD5

    3b3c19e3fac4b69c8ebffafb7043c5bd

  • SHA1

    e04b2fde5f4c83df0d819314a1846ac7f3ad61b2

  • SHA256

    8c7069790c6cc6997180516b9ae515d35743f51ac4e6995a9b960a41dfbb8200

  • SHA512

    f0bb2188af26ae5a0a6c98576afb218a2d09bd13abdf633fc2bbb8439a4761d19314408551086ef08c39b0fe9fa5570d64c8e1eb539f023293b69fe266fe2ed7

  • SSDEEP

    24576:f4P/gzEt/GaG93cnFBcKa+VHQ15CmD/v8rS:f4P/MEt/bnFBcKa+VHQ15f/UrS

Malware Config

Targets

    • Target

      3b3c19e3fac4b69c8ebffafb7043c5bd_JaffaCakes118

    • Size

      862KB

    • MD5

      3b3c19e3fac4b69c8ebffafb7043c5bd

    • SHA1

      e04b2fde5f4c83df0d819314a1846ac7f3ad61b2

    • SHA256

      8c7069790c6cc6997180516b9ae515d35743f51ac4e6995a9b960a41dfbb8200

    • SHA512

      f0bb2188af26ae5a0a6c98576afb218a2d09bd13abdf633fc2bbb8439a4761d19314408551086ef08c39b0fe9fa5570d64c8e1eb539f023293b69fe266fe2ed7

    • SSDEEP

      24576:f4P/gzEt/GaG93cnFBcKa+VHQ15CmD/v8rS:f4P/MEt/bnFBcKa+VHQ15f/UrS

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks