General

  • Target

    4dd1f45d8f5fca5a7e0fec4b3f6f14fe_JaffaCakes118

  • Size

    857KB

  • Sample

    240716-l16a7azcpb

  • MD5

    4dd1f45d8f5fca5a7e0fec4b3f6f14fe

  • SHA1

    95bd28322956a355d530747f2cee9dafa0e9dbc9

  • SHA256

    17388eae67e75156c59ff8880b2b328a0004b53fcbee264cf4eba99b5be551ef

  • SHA512

    ae39f88bddfb3c55f80fea22d966035530e123ceb246b460bc386fe571219ffaf0a677f2f7f11e6a2279d783c9845e5ab88ef56e8c1e18b34052cf5ef4bcb61e

  • SSDEEP

    24576:rLBAUUXWh/UolsaaUyokSCp2vJrG+NJHdBF+:rttUGKwan7xyxG

Targets

    • Target

      4dd1f45d8f5fca5a7e0fec4b3f6f14fe_JaffaCakes118

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
