General

  • Target

    cf7e798677be88a8d57f1a70b08c51ac_JaffaCakes118

  • Size

    220KB

  • Sample

    240906-pakhksvfkl

  • MD5

    cf7e798677be88a8d57f1a70b08c51ac

  • SHA1

    127bb8d556878e51d2ff532aa9fb2a025038a087

  • SHA256

    4ce532ca66f52be999e1ae651a14245d00c70deaab4ef89fc2788c50c0ff0621

  • SHA512

    6260873f5d4a4f4c0d159c79a52f0eda0a856c880189398e86d83ef8db4e9774ef006257d9716640cbb16f71ea8230cef6386993dc739567277a2598710834c9

  • SSDEEP

    3072:DOLZB4qxV8LfZnsveixlaLqaMa/kX4JrBwPfCf2VIoIIfwUM2TUF:yLZB4UV8hsTxlaLHMQkXIrBVf6xP0

Malware Config

Targets

    • Target

      cf7e798677be88a8d57f1a70b08c51ac_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks