General

  • Target

    cfeefe6f5b066de38fef45786b34e82a_JaffaCakes118

  • Size

    78KB

  • Sample

    240906-tml96avhpm

  • MD5

    cfeefe6f5b066de38fef45786b34e82a

  • SHA1

    935020840ef9b8c5e58fa811d5cb197612af2805

  • SHA256

    305d5c8c8f00e7156dfacbf2e49524b6e87e3e7d3d5cca083d6156a82193610f

  • SHA512

    250276ced6b7d84b3126e8818207f6691f04f53bae7dfe40eb648cd2dcd6cdf9bf53fa5da3aefc6157430b2db8dab22a054eddac011e7b691b6efcbae8b9f1b3

  • SSDEEP

    768:/dICxZk/89MpVT7woQJcW/bnqC03T/yEwSndA/zJmnPi3JnrpZdxEk+fVx6P3jM0:/TYd5QJc/vaSybs4Zr+fX6P3jg

Targets

    • Target

      cfeefe6f5b066de38fef45786b34e82a_JaffaCakes118

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Grants admin privileges

      Uses net.exe to modify the user's privileges.

    • Credentials from Password Stores: Windows Credential Manager

      Suspicious access to Credentials History.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Network Service Discovery

      Attempts to gather information on the host's network.

    • Network Share Discovery

      Attempts to gather information on the host's network.

    • Enumerates processes with tasklist
