Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a4dfef7b46fbf00230026d73014a2d6d_JaffaCakes118
-
Size
395KB
-
Sample
240818-bzwegs1dlp
-
MD5
a4dfef7b46fbf00230026d73014a2d6d
-
SHA1
796daac0c7b4a15cc41cef70fb4888273c5827ae
-
SHA256
b965c405e5cde17a4bec38a3db8bbbd019ce0fd5d5bca93aa64e980839f295d3
-
SHA512
c76aa796d07095a5d97bb6b67e5e2252a23b2f52aa8ac74ca496200be5316b301cf3149ea7c871ba4b3af2cd6e46211c76b5304853c394b768e360227a9b0d8b
-
SSDEEP
12288:6+uoYjv7pMKT6izSlIMt7lEzZS8S9KOkanssOP:Goa11zzeJEzgr9fkanssOP
Malware Config
Targets
-
-
Target
a4dfef7b46fbf00230026d73014a2d6d_JaffaCakes118
-
Size
395KB
-
MD5
a4dfef7b46fbf00230026d73014a2d6d
-
SHA1
796daac0c7b4a15cc41cef70fb4888273c5827ae
-
SHA256
b965c405e5cde17a4bec38a3db8bbbd019ce0fd5d5bca93aa64e980839f295d3
-
SHA512
c76aa796d07095a5d97bb6b67e5e2252a23b2f52aa8ac74ca496200be5316b301cf3149ea7c871ba4b3af2cd6e46211c76b5304853c394b768e360227a9b0d8b
-
SSDEEP
12288:6+uoYjv7pMKT6izSlIMt7lEzZS8S9KOkanssOP:Goa11zzeJEzgr9fkanssOP
Score9/10-
Detected Nirsoft tools
Free utilities often used by attackers which can steal passwords, product keys, etc.
-
NirSoft MailPassView
Password recovery tool for various email clients
-
ASPack v2.12-2.42
Detects executables packed with ASPack v2.12-2.42
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Network Share Discovery
Attempt to gather information on host network.
-
Drops file in System32 directory
-