General

  • Target

    d9cf57a7c2e8430bd4224d594d6af42d_JaffaCakes118

  • Size

    332KB

  • Sample

    240911-hjdcasyamf

  • MD5

    d9cf57a7c2e8430bd4224d594d6af42d

  • SHA1

    49e4045518eaf43993e20417c957f6a46e9e7b02

  • SHA256

    ba251654fa02a35fd14bdf741e3e9bb6e16b19ef66a4ad9c8220a18598b05fcb

  • SHA512

    7f49c0fcc2de5aa845866b9ccc79d192276c0de2e35e703fd3b248ffb543571cfd58d3fa7912e638da8d346fa10a3752e41a1eacf1e9fcddf3e38fdf7c7a3695

  • SSDEEP

    6144:/Y5Ix+fkSpcmwSUjT9jCu9UOem7HQKoZufpU:/YP7pdwSK9Z9/xEZopU

Targets

    • Target

      d9cf57a7c2e8430bd4224d594d6af42d_JaffaCakes118

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Disables taskbar notifications via registry modification

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
