Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    752d15fcc7cc25121914cdeab45f9dc6_JaffaCakes118

  • Size

    340KB

  • Sample

    240726-ww94pawcmn

  • MD5

    752d15fcc7cc25121914cdeab45f9dc6

  • SHA1

    9146289552df5886f831edca03ff2e871f8b5925

  • SHA256

    4cd888d3122c48bd43daf5bbbd8c30e072446d8ca90247d248c77fce5dbb8c59

  • SHA512

    903d1ef8b3211b91f466d1814a83f74133ad18390453f7c8e95633dbe7ec1293341c81d118087ccfe3cdec60ea900748d4f7ec41d929ac2d3b209e1603d5bcc5

  • SSDEEP

    6144:6qcOWaUEX3PtWF8ftYOiS7AcMgyDl2mS0KGwy82AFKxpme2w9mydPdm9PcBPpU:6zaUatWo2OKgywmE8ayweFBGgpU

Malware Config

Targets

    • Target

      752d15fcc7cc25121914cdeab45f9dc6_JaffaCakes118

    • Size

      340KB

    • MD5

      752d15fcc7cc25121914cdeab45f9dc6

    • SHA1

      9146289552df5886f831edca03ff2e871f8b5925

    • SHA256

      4cd888d3122c48bd43daf5bbbd8c30e072446d8ca90247d248c77fce5dbb8c59

    • SHA512

      903d1ef8b3211b91f466d1814a83f74133ad18390453f7c8e95633dbe7ec1293341c81d118087ccfe3cdec60ea900748d4f7ec41d929ac2d3b209e1603d5bcc5

    • SSDEEP

      6144:6qcOWaUEX3PtWF8ftYOiS7AcMgyDl2mS0KGwy82AFKxpme2w9mydPdm9PcBPpU:6zaUatWo2OKgywmE8ayweFBGgpU

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Disables taskbar notifications via registry modification

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks