General

  • Target

    8607612a3704a65bdf35037bf3e82c40_JaffaCakes118

  • Size

    16KB

  • Sample

    240810-phktbayfmr

  • MD5

    8607612a3704a65bdf35037bf3e82c40

  • SHA1

    76d54dbe0101c511acf0eb1ff9f36b161ac6bea5

  • SHA256

    4262da59cf59bf0e54d7a8866f9d07a618f3da91ba65d833264a2b9086fa1f12

  • SHA512

    eec87228cf12572b1e8f5869f608518d8cf6ba8320f2a60559be27a26a6af1d385c59cd3a1445576cd16746960a1c2cd47ba104f2bb07628e6265a6ee0625098

  • SSDEEP

    384:BIhNdXTCtEgZzAltmZueXq2o5+rBmJqGISR:BI/FaEAzAltmZ42ocNG9R

Targets

    • Target

      8607612a3704a65bdf35037bf3e82c40_JaffaCakes118

    • Disables service(s)

    • Stops running service(s)

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
