General

  • Target

    f510133c6d10ece7337af7e3917e0c51_JaffaCakes118

  • Size

    1.8MB

  • Sample

    240925-dxf8wsvgje

  • MD5

    f510133c6d10ece7337af7e3917e0c51

  • SHA1

    4a19027142a0e27f84e109344775022d5379c370

  • SHA256

    dcc204393c04c86945992b48e764e4c53c4b0038fb7daefa10c7b6165420e4ad

  • SHA512

    48e3c6679895a0ff07473317990984065b882b215c98bbe57a0ca922b6f072a82a46a17addfeec42ea0364f167acd88b8230a3326db451920d4274dcc5017e48

  • SSDEEP

    49152:NseXldnEFNrYzjUWSG8Fd0qW9BT2HxKkaBdPk30Vv:2eyFNrYzjUzeXBW30V

Targets

    • Target

      f510133c6d10ece7337af7e3917e0c51_JaffaCakes118

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled
