General

  • Target

    5d56dec0be3cee0baeebfa720dd77400_JaffaCakes118

  • Size

    360KB

  • Sample

    240719-x6vx7awdlr

  • MD5

    5d56dec0be3cee0baeebfa720dd77400

  • SHA1

    dfff930e8babfad960717c2a3e4850f8e81ec897

  • SHA256

    568d64af64da08ca74d518cc90929928c29679c5d1878a9f876b80842eead411

  • SHA512

    c8d03550f948fea956029e498ba073bdc6d8c4dd1a0cbb195725cf9798b313f16025a757a0eb5b21b4f72c6e31e460df5676e7971fcc10dc981bf82855b7f071

  • SSDEEP

    6144:x1pVeNYX/odGomfYyOUdFNFGFOFwcGF6cmFWc0FWc8cIcKcUFJFpcNcHc7cbchFk:3pVeNVgFNFGFOFwcGF6cmFWc0FWc8cIl

Targets

    • Target

      5d56dec0be3cee0baeebfa720dd77400_JaffaCakes118

    • Size

      360KB

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
