General

  • Target

    fe4baf0161dd5b7408dd2d41e64843fe_JaffaCakes118

  • Size

    36KB

  • Sample

    240929-l3t1yayhmp

  • MD5

    fe4baf0161dd5b7408dd2d41e64843fe

  • SHA1

    75db56ae6754bbc97845ba470e80bc779685cde1

  • SHA256

    638b91a6a31f885370ec2bf325e66683050cc675ebbfab6e7b726e18e3a4070b

  • SHA512

    f9f2f510545418ff38b33cfb517fc276da81415abfa38015af074037106dea722ad7a39a59301e25fd6d5ee19bfd32aecfe0bc89631b3dcf4d45c02da07f7644

  • SSDEEP

    384:/TlCPkepDT6x0121Uc4rcGgiB7bwCrp/Ovw5ITvmPWvvDWSyWN:/B+kepkmrcDIbwCrRITvmPWTRZ

Targets

    • Event Triggered Execution: Image File Execution Options Injection

      A Debugger value written under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\<executable> makes Windows launch the named "debugger" every time that executable starts, which gives the malware persistence and a way to hijack or suppress other programs (MITRE ATT&CK T1546.012).

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, session tokens and autofill data.

    • Adds Run key to start application

      Values under HKCU\Software\Microsoft\Windows\CurrentVersion\Run or HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run are executed at logon, a common persistence mechanism (MITRE ATT&CK T1547.001).

    • Drops file in System32 directory

      Writing into %SystemRoot%\System32 requires administrative rights and lets a payload blend in with legitimate system binaries.

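The signatures above say which persistence and file-system behaviours the sandbox observed, but the report does not list the exact registry keys or file names involved. The following PowerShell script is an added example, not part of the Triage report or of the sample's analysis, that checks a live Windows host for the same three behaviours: IFEO Debugger and SilentProcessExit MonitorProcess values, Run/RunOnce entries (with an Authenticode check on the referenced image), and recently written System32 files that are not validly Microsoft-signed. The registry paths are the standard Windows locations for these techniques; the seven-day window and the Microsoft-signer filter are assumptions to tune for the environment.

```powershell
# Added host-triage example (not part of the Triage report). Checks the three
# persistence/behaviour signatures listed above on a live Windows host.
# Run from an elevated PowerShell 5.1+ session. The 7-day window and the
# signer filter are assumptions; the report does not name the keys or files
# this sample touched.

$ErrorActionPreference = 'SilentlyContinue'

function Get-IfeoDebuggers {
    # T1546.012: a Debugger value under an IFEO subkey is launched instead of the
    # executable; a MonitorProcess value under SilentProcessExit runs when it exits.
    $roots = @(
        'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options',
        'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SilentProcessExit'
    )
    foreach ($root in $roots) {
        if (-not (Test-Path $root)) { continue }
        foreach ($sub in Get-ChildItem -Path $root) {
            $props = Get-ItemProperty -Path $sub.PSPath
            foreach ($name in 'Debugger', 'MonitorProcess') {
                $value = $props.$name
                if ($value) {
                    [pscustomobject]@{ Executable = $sub.PSChildName; Value = $name; Command = $value; Key = $sub.Name }
                }
            }
        }
    }
}

function Get-RunKeyEntries {
    # T1547.001: every value under these keys is executed at logon.
    $keys = @(
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
    )
    foreach ($key in $keys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            # Skip the provider metadata properties Get-ItemProperty adds.
            if ($p.Name -in 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider') { continue }
            $cmd = ([string]$p.Value).Trim()
            # The image path is the first token: quoted, or up to the first whitespace.
            $exe = if ($cmd -match '^"([^"]+)"') { $Matches[1] } else { ($cmd -split '\s+')[0] }
            $exe = [Environment]::ExpandEnvironmentVariables($exe)
            $sig = if (Test-Path -LiteralPath $exe) { (Get-AuthenticodeSignature -FilePath $exe).Status } else { 'FileMissing' }
            [pscustomobject]@{ Key = $key; Name = $p.Name; Command = $cmd; Image = $exe; Signature = $sig }
        }
    }
}

function Get-RecentSystem32Files {
    param([int]$Days = 7)
    # Files written to System32 within the window that are not validly
    # Microsoft-signed. Windows Update also writes here, hence the filter.
    $cutoff = (Get-Date).AddDays(-$Days)
    Get-ChildItem -Path "$env:SystemRoot\System32" -File -Force |
        Where-Object { $_.LastWriteTime -gt $cutoff } |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -FilePath $_.FullName
            [pscustomobject]@{
                File      = $_.FullName
                LastWrite = $_.LastWriteTime
                Status    = $sig.Status
                Signer    = $sig.SignerCertificate.Subject
            }
        } |
        Where-Object { $_.Status -ne 'Valid' -or $_.Signer -notlike '*Microsoft*' }
}

'== IFEO / SilentProcessExit hooks =='
Get-IfeoDebuggers | Format-Table -AutoSize
'== Run / RunOnce entries =='
Get-RunKeyEntries | Format-Table -AutoSize
'== Recently written System32 files not Microsoft-signed =='
Get-RecentSystem32Files -Days 7 | Format-Table -AutoSize
```

Treat the output as leads rather than verdicts: legitimate debuggers and compatibility shims register IFEO Debugger values, and some vendors install unsigned or self-signed files into System32, so each hit should be compared against the hashes in the General section and the image's signer before acting on it.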
MITRE ATT&CK Enterprise v15