Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
058e742688789d5b707e871046afc00a_JaffaCakes118
-
Size
1.3MB
-
Sample
241001-m32w8awbjr
-
MD5
058e742688789d5b707e871046afc00a
-
SHA1
3dd20a54eaef190906e63d7b6cc9557495192aac
-
SHA256
26bd2afd70f9f12673a2649af24180f20066879dd07f3506010111b965fbc31f
-
SHA512
e74f52a74bfac401f8b9d2344c7cb5dc6540e3866c822cae0de75bfd8e5f1506f785ea842c64ce3b3b57520a606e98c00beb63e3a60ba8ae61782d407f08458d
-
SSDEEP
24576:VOD4hj04NPKoCRacbo2KZU+evd3fgF/8FbAxwc0mfboo:8Qj0yUIHMvd3YVxwm
Malware Config
Targets
-
-
Target
058e742688789d5b707e871046afc00a_JaffaCakes118
-
Size
1.3MB
-
MD5
058e742688789d5b707e871046afc00a
-
SHA1
3dd20a54eaef190906e63d7b6cc9557495192aac
-
SHA256
26bd2afd70f9f12673a2649af24180f20066879dd07f3506010111b965fbc31f
-
SHA512
e74f52a74bfac401f8b9d2344c7cb5dc6540e3866c822cae0de75bfd8e5f1506f785ea842c64ce3b3b57520a606e98c00beb63e3a60ba8ae61782d407f08458d
-
SSDEEP
24576:VOD4hj04NPKoCRacbo2KZU+evd3fgF/8FbAxwc0mfboo:8Qj0yUIHMvd3YVxwm
Score7/10-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1