General

  • Target

    4127d92b1e184c0052fecaf362d7d6af_JaffaCakes118

  • Size

    541KB

  • Sample

    240713-lppjasxhlh

  • MD5

    4127d92b1e184c0052fecaf362d7d6af

  • SHA1

    ff8c451ceb00046d0e3a8c98a89f97900769c527

  • SHA256

    05bfad4aaf8431c0e2c5bbf8945219c4bbe827103c2532142928e0e5a83e4cca

  • SHA512

    b283cf9810b2f86b61acee86542bb1dc528c1fa27d12def08802dd7c32e9da24d5c90d9270f16e34287f88b8d10b86dfb86503bd13f36a32b34cc63f84f4baff

  • SSDEEP

    12288:HIXBT2btYxAmU3d/0oYDQY8dG/Yv1TqPwc9dOLYsvlyTdEYx:CBT2beXD85v1B6+EDx

Targets

    • Target

      4127d92b1e184c0052fecaf362d7d6af_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
