General

  • Target

    438865e77cbdc54d8a00c57a64f1b5a1_JaffaCakes118

  • Size

    322KB

  • Sample

    240713-1247vayhkn

  • MD5

    438865e77cbdc54d8a00c57a64f1b5a1

  • SHA1

    a2a6af25ee28a9a0ade46734701bcebf15a7e4ab

  • SHA256

    253ed82cd534713a8393692075c3c28f525dd43712671b3c42e43b20d66a3dda

  • SHA512

    f490bc06a6801ff2a4f94fdc48d09239215d10a6a12141c71d3b71a58d9afc49ada318b3718bb6c035464a5bd5df3a851d05e77d105f831c9ae9a17a7eaf990c

  • SSDEEP

    3072:XD2hT7lKbvfldRMtyyYyOTXsF5XN10A8oPcnDArqeFndYP0qz9X/0ljywg:XDe7lKbnlMg/yO7aNkAyeNFnUHZUWP

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops file in System32 directory
