General

  • Target

    88bcade2e5682e151ed994dde61b079e_JaffaCakes118

  • Size

    134KB

  • Sample

    240811-dhrq3swdlh

  • MD5

    88bcade2e5682e151ed994dde61b079e

  • SHA1

    8a16ff02ecbc366342a377a26f1d1d0497b1788e

  • SHA256

    35d99939ea17bd688e5b40d4b718b2f795a0677d676c95496c1f3009b13c366a

  • SHA512

    353f2504f061bcca52d66110dd95afde2307c637e7d9a37664ba010c5d50e7984f4616572337caff00f411928e84be52c31283dd679219d0a292d1d41c39f94c

  • SSDEEP

    3072:/jGKwgTLTCKFYnqqeVF8VUodWGTj3RvFWb0J8tgcnmujq2r:rqKF2qDVGVUodpTLhFyEtUfr

Targets

    • Target

      88bcade2e5682e151ed994dde61b079e_JaffaCakes118

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
