General

  • Target

    73845d9a8687cebd99fb57a0ef9a5c2c_JaffaCakes118

  • Size

    328KB

  • Sample

    240726-ln231azcpm

  • MD5

    73845d9a8687cebd99fb57a0ef9a5c2c

  • SHA1

    60c45525a5be8d12d8b2569a3738183ef0f5ee40

  • SHA256

    1681ee92966047652046efe9d62c270c3ff2e615f34981db791d59185351de84

  • SHA512

    d770a46b46d9f923174a41cd64ccb5542675b75e7bfb8e3026d7d991dff31a31fd9ef74aecabdd6624b5a3d7c97f67dd1e8ad27523dcbf973560f7f14264ce33

  • SSDEEP

    6144:Ake4FipkzuKsEo1gr8lciDn7kRQIMTeDxXezjSIX8okH1z6vzhBRDW0v:w4Fipkzufir8eMTeDxXQX5kH1z67h7rv

Targets

    • Target

      73845d9a8687cebd99fb57a0ef9a5c2c_JaffaCakes118

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
