General

  • Target

    a21bf659ef8103b5e76912d8399b8026_JaffaCakes118

  • Size

    48KB

  • Sample

    240817-l15dwszdjg

  • MD5

    a21bf659ef8103b5e76912d8399b8026

  • SHA1

    0514191476770b0c78c3ddd7ad2e6c3d4875d419

  • SHA256

    e83a8010b3b0112d08473c7963e5213ce46369d397f5a9bbb59a463f463e5188

  • SHA512

    ac180209a3ba792e388cdbd267431abf7856f94da6373138d9065532ddaefce16f95b1417f83ff4c8ccca861128be31249f72fc9d2db713dce97db3f2ca6c25b

  • SSDEEP

    768:CobFiTt+KDFOOVt6BK8nlqiAplfhVUzwlw/k6GxMryQ4lNu:tbFiTt7ROOVwfn/ulfoOTxO6Nu

Targets

    • Target

      a21bf659ef8103b5e76912d8399b8026_JaffaCakes118

    • Modifies firewall policy service

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
