General

  • Target

    c8fc70f58d186bc77960daa2a2396111_JaffaCakes118

  • Size

    88KB

  • Sample

    240829-rkd5nawbqc

  • MD5

    c8fc70f58d186bc77960daa2a2396111

  • SHA1

    29965681b132ef5e8aca9f299b32f65d7cd9bea0

  • SHA256

    7595260b8b810dc3884e124d49bf57a5613fbf05fed58805a39b2f0a1bec2a0a

  • SHA512

    b2ed4ef83fadfa40706d6f1800f1a9ec4ecddd5ce00e73e3fe54f283a35a56c6ca594d41fa82b510da0a67ffc2a01e339df2e1df68edf499d54b0f5bb1f684e2

  • SSDEEP

    1536:VoGyX8vr1+baP1jkjUCW8r58g+16w1jWjUC481yDMFCvJgZP1aZd3BddzyhP1aWT:VWX8vr1+baP1jkjUCW8r58g+16w1jWjC

Malware Config

Targets

    • Target

      c8fc70f58d186bc77960daa2a2396111_JaffaCakes118

    • Disables RegEdit via registry modification

    • Drops file in Drivers directory

    • Event Triggered Execution: Image File Execution Options Injection

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
