General

  • Target

    682ec94bb1d5b92d31ec47d4f543269d_JaffaCakes118

  • Size

    864KB

  • Sample

    240723-s5tlhsxekm

  • MD5

    682ec94bb1d5b92d31ec47d4f543269d

  • SHA1

    8da6bb7afa72a470dcdf410700d4bcf63ce4587d

  • SHA256

    1ccded529cd86bcc7835625bb7d12dce03a0bd36a4e71904cd4600b71a1180a5

  • SHA512

    9b94e41859b0c008e1ac36c410dcbe8b90bf38812f7476868cd3b07b835f14b96e208194c5acc624680aa30e76ce980ebabff2224dd40b08e48e8c6efd917f8d

  • SSDEEP

    24576:OoJ+2/MfPnj3irL8JH8KLjYHRV8ZY9wQZdTSRiOU5MQ:bJN/MfPnmrL8ZBLSHY0rSTUi

Malware Config

Targets

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Credentials from Password Stores: Windows Credential Manager

      Suspicious access to Credentials History.

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks