General

  • Target

    47eef2c1de595f0f75f52e26b07b7327_JaffaCakes118

  • Size

    124KB

  • Sample

    240715-djjf4avenl

  • MD5

    47eef2c1de595f0f75f52e26b07b7327

  • SHA1

    c889e4c5502f372dfd8638caca6011057cf8197b

  • SHA256

    2e8064655d6ea1ebacf85d47343fd5dcc34568bf5e33cf204eeed59d11c44a16

  • SHA512

    257c4b2ee01ebfcf5fd1c7bf178fce62d35fe1b8290097fabb677205ea1ac47a65a80c1180a92297c7bb598911f1089ad15c99fe94ca3e11f167c3ca11293b68

  • SSDEEP

    1536:JxqjQ+P04wsmJC1L8RuP1HlQS+oiG+mOnUQX1tXaH3VBCtc7QAc+0HBf:sr85C1lQS+oiGxQFtX6/MAc+Ef

Targets

    • Target

      47eef2c1de595f0f75f52e26b07b7327_JaffaCakes118

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
