General

  • Target

    a09c0fad3033777e3051d6aee28e22f2_JaffaCakes118

  • Size

    124KB

  • Sample

    240817-ba19fa1dkn

  • MD5

    a09c0fad3033777e3051d6aee28e22f2

  • SHA1

    f262f770a2fd61034101961cf7e59f436e5ec4e2

  • SHA256

    4baef42f07124b819866990e97745c2d44a95340fa0a54b8d4eddf7f2a30086c

  • SHA512

    26d85b626767686ef0967f00dc4e223efbf979664c6f11fad656b96730d2b81e4078c7de4c168bce9b5892bb487377aea8f72c65535a8a31895d0ca96e6efa7a

  • SSDEEP

    3072:Q9gg2CUptT76YtFD0PvqM28GSff3KDRZHt5HX00C9L:6/Ur6YtaPDj455k0a

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Adds Run key to start application
