Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

5d56dec0be...18.exe

windows7-x64

7

5d56dec0be...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5d56dec0be3cee0baeebfa720dd77400_JaffaCakes118

  • Size

    360KB

  • Sample

    240719-x6vx7awdlr

  • MD5

    5d56dec0be3cee0baeebfa720dd77400

  • SHA1

    dfff930e8babfad960717c2a3e4850f8e81ec897

  • SHA256

    568d64af64da08ca74d518cc90929928c29679c5d1878a9f876b80842eead411

  • SHA512

    c8d03550f948fea956029e498ba073bdc6d8c4dd1a0cbb195725cf9798b313f16025a757a0eb5b21b4f72c6e31e460df5676e7971fcc10dc981bf82855b7f071

  • SSDEEP

    6144:x1pVeNYX/odGomfYyOUdFNFGFOFwcGF6cmFWc0FWc8cIcKcUFJFpcNcHc7cbchFk:3pVeNVgFNFGFOFwcGF6cmFWc0FWc8cIl

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      5d56dec0be3cee0baeebfa720dd77400_JaffaCakes118

    • Size

      360KB

    • MD5

      5d56dec0be3cee0baeebfa720dd77400

    • SHA1

      dfff930e8babfad960717c2a3e4850f8e81ec897

    • SHA256

      568d64af64da08ca74d518cc90929928c29679c5d1878a9f876b80842eead411

    • SHA512

      c8d03550f948fea956029e498ba073bdc6d8c4dd1a0cbb195725cf9798b313f16025a757a0eb5b21b4f72c6e31e460df5676e7971fcc10dc981bf82855b7f071

    • SSDEEP

      6144:x1pVeNYX/odGomfYyOUdFNFGFOFwcGF6cmFWc0FWc8cIcKcUFJFpcNcHc7cbchFk:3pVeNVgFNFGFOFwcGF6cmFWc0FWc8cIl

    Score
    7/10
    persistencespywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Drops desktop.ini file(s)

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks