General

  • Target

    f698c6d2b73741768a2b930fbb0b7540_JaffaCakes118

  • Size

    157KB

  • Sample

    240925-wz1peszemj

  • MD5

    f698c6d2b73741768a2b930fbb0b7540

  • SHA1

    5b7932a703b2e66548922f87a01397c43655eb1a

  • SHA256

    2e2c4f0b86fad63954a35b6ddcf7904dffac25e3b7d547fb0c393b73620b4dc1

  • SHA512

    72b319ad1c6b7b0d7cd6c51c7ecf1bb9bde30dbd161d3a981e96161a8df76bba1e3bdf7617104e74ad9108dcf56a70fe25742df2315735a7e28f579698680f96

  • SSDEEP

    3072:sr85CHkBY9bHb5gLQpBKel6pFLXjIavJA:k9HkB8HdgMp8ZpFLXMb

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.
