General

  • Target

    0863a5328d820d4986eda590e11c962b_JaffaCakes118

  • Size

    334KB

  • Sample

    241002-cl26jswbjc

  • MD5

    0863a5328d820d4986eda590e11c962b

  • SHA1

    dc6ddd94b34c594b6dfd730d1bf858aafe641877

  • SHA256

    4067832ad317c5facc0df7865c206fecd7634eba6a093126531bb40d56684642

  • SHA512

    28125bf57b1937e82ebff47fdfea64fc05bde925e3c7604bea8263f58da2f20bf7b4a4059cefe5e66b6d69604772b25e6cdc4b5aed4c21d0f08de3eba41d96ab

  • SSDEEP

    6144:AZvMGDCR4/6cSDCXfJl255cZdanRt3x8u:AdMuCR4/dpfC5aZdqh8u

Targets

    • Target

      0863a5328d820d4986eda590e11c962b_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
