Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    d6a922922f152f59c252c7a922b0b09e_JaffaCakes118

  • Size

    192KB

  • Sample

    240909-tj41sszalg

  • MD5

    d6a922922f152f59c252c7a922b0b09e

  • SHA1

    b13203b255a9fc24611f017b59a92b242db5723e

  • SHA256

    af3cae1ae18f28bae10b1e1143855d1a5483d1cb2d5305c18d4e7aa61b2e9507

  • SHA512

    3d3bd89c3b44d801a8512c430e702694612c4670c804df7ff385018fe466ef1ff886995481a727be0c15bcd4a32322790920bb3b8cc5c15947cef3ff2d28bcd0

  • SSDEEP

    3072:9s38eKqxUzx2tiSU6b555r13q5a1QW3dQetxiEWFpbkEe/141/8AqUas6/5:9g7UyU67Q6d/EZ9qUa

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    smtp
  • Host:
    smtp.1and1.es
  • Port:
    587
  • Username:
    restaurante@elsecretodechimiche.com
  • Password:
    elsecreto2019

Targets

    • Target

      d6a922922f152f59c252c7a922b0b09e_JaffaCakes118

    • Size

      192KB

    • MD5

      d6a922922f152f59c252c7a922b0b09e

    • SHA1

      b13203b255a9fc24611f017b59a92b242db5723e

    • SHA256

      af3cae1ae18f28bae10b1e1143855d1a5483d1cb2d5305c18d4e7aa61b2e9507

    • SHA512

      3d3bd89c3b44d801a8512c430e702694612c4670c804df7ff385018fe466ef1ff886995481a727be0c15bcd4a32322790920bb3b8cc5c15947cef3ff2d28bcd0

    • SSDEEP

      3072:9s38eKqxUzx2tiSU6b555r13q5a1QW3dQetxiEWFpbkEe/141/8AqUas6/5:9g7UyU67Q6d/EZ9qUa

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.