Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    a4d5eeb07bb81d0c99911a57a02d058b_JaffaCakes118

  • Size

    748KB

  • Sample

    240818-bq5xkaxemb

  • MD5

    a4d5eeb07bb81d0c99911a57a02d058b

  • SHA1

    904574e54f910793a3fe9f912d0911293350e4f4

  • SHA256

    92d1c63c4d8eb86dcb20961260b3cc92cafa4fd22889ba04ce63d7467abc67b7

  • SHA512

    1782cfcf668ebce1d71705d4f4da79a17ae1ad703850803ae3aab41f2002f5bfa3dbb4d951c55f7f4526b03e2db62db0e9d9553a46f820a25406b7ba09ac4df3

  • SSDEEP

    12288:NYLIHAa68vN/+nc6FwDqCpi96x58P1lAXGNrspt95Ehay8urkPz0TuTcj06K6:hgaJv5+ckw3pia5svT8uG0TuQjpR

Malware Config

Targets

    • Target

      a4d5eeb07bb81d0c99911a57a02d058b_JaffaCakes118

    • Size

      748KB

    • MD5

      a4d5eeb07bb81d0c99911a57a02d058b

    • SHA1

      904574e54f910793a3fe9f912d0911293350e4f4

    • SHA256

      92d1c63c4d8eb86dcb20961260b3cc92cafa4fd22889ba04ce63d7467abc67b7

    • SHA512

      1782cfcf668ebce1d71705d4f4da79a17ae1ad703850803ae3aab41f2002f5bfa3dbb4d951c55f7f4526b03e2db62db0e9d9553a46f820a25406b7ba09ac4df3

    • SSDEEP

      12288:NYLIHAa68vN/+nc6FwDqCpi96x58P1lAXGNrspt95Ehay8urkPz0TuTcj06K6:hgaJv5+ckw3pia5svT8uG0TuQjpR

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks