General

  • Target

    70e48a53d85e91b1b8fb28834d873e26_JaffaCakes118

  • Size

    242KB

  • Sample

    240725-x1n8fssfme

  • MD5

    70e48a53d85e91b1b8fb28834d873e26

  • SHA1

    214a8d7bb7ac94c41ab5038ff00b9ec6f6a84965

  • SHA256

    86c61d90a4d103acd8f83fd81afb6e72d23f9da1ed31cea90545185f0248086d

  • SHA512

    55c357075f027a5d90a15e99d7234bd7327090f11cb742c5afc0b33729caa3ef112561cb3f8c977ccc40f236e3e83d4f5a6f763a5cf92ed1d457f7331b4e3554

  • SSDEEP

    6144:lmheTjLHkJnixLhd/9DVts0RMwcm/sh9ObbyHQZTmY2DoS:lmsHAniZhbgh2sr2TZyHoS

Targets

    • Target

      70e48a53d85e91b1b8fb28834d873e26_JaffaCakes118

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

    • Suspicious use of SetThreadContext
