General

  • Target

    8aa1cfb4122c71c0684e82c3749b1da4_JaffaCakes118

  • Size

    336KB

  • Sample

    240811-q94k6ssejm

  • MD5

    8aa1cfb4122c71c0684e82c3749b1da4

  • SHA1

    940eccf8c2c708513b4b7d1ff00a9c475c0aefd2

  • SHA256

    ef2a69935322c5db3ce2559c176528fe8ebae0e3a5d87a69cf3a5d0d36fec55d

  • SHA512

    2c34de9c0f0301ffcf22c247775e70b9ace16d5c3943510d0ff6de95d1be8f994d0b00cf0e394405eaa6ef57c77ecd9c74d1885d1cf5c7d4c27f6521fcc0e11c

  • SSDEEP

    6144:pk+TvfDzsyocDrVcADoCCx76s4H9/7yK/ylkN/pkT:+UNaA0CCx76s4d/7Zylq

Malware Config

Targets

    • Target

      8aa1cfb4122c71c0684e82c3749b1da4_JaffaCakes118

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Disables taskbar notifications via registry modification

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Adds Run key to start application
