General

  • Target

    fc481eef55550690716a35ccef072428_JaffaCakes118

  • Size

    248KB

  • Sample

    240928-phemasyalc

  • MD5

    fc481eef55550690716a35ccef072428

  • SHA1

    ca8c32164c615e179608a91ebae2c9dcc6662824

  • SHA256

    263557f3ad580d4416c30aa31da0f72f817d72545cf923725e1a12231c9b06c7

  • SHA512

    1941c62215faf76abc5aa62612d3a56498fc2dd675a1ef4fa4df36f77a1368f44c97ebc22aa1136319aee62667f53ec172ec41dc5efe346db5206ecf7c270d22

  • SSDEEP

    3072:gLiF91QlWBybXxlXfsYKFLS0Xru2P/rOC0T8ojeotY:QiD11uXf1KUSvXrOCijT+

Targets

    • Target

      fc481eef55550690716a35ccef072428_JaffaCakes118

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
