General

  • Target

    a9ed576a45d31c55b89b47692818ec36_JaffaCakes118

  • Size

    7.4MB

  • Sample

    240819-g4tdksydng

  • MD5

    a9ed576a45d31c55b89b47692818ec36

  • SHA1

    97401500d68729adf176593049668edf1ece06eb

  • SHA256

    83fc075e6f10aa06973e230e0ea27f6fe59713957bc4905bc7995ff371ecc9c3

  • SHA512

    956dc95ac182bafffb170a536f73a382cc2825c16c88b73021d44d8a2611e3dd2f03abfd6fd2b73b2cd96817573f910fd9e1af8927ec0fa48e4b201a8fcdb80c

  • SSDEEP

    196608:tuCUGeI179onJ5hrZERTyiU8AdZYJERepWrTut7GsQqb4:fl9c5hlERLAdZYyEpWruG

Targets

    • Target

      a9ed576a45d31c55b89b47692818ec36_JaffaCakes118

    Score: 7/10

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
