General

  • Target

    11ceaf50af64726138e16f7d7becda64_JaffaCakes118

  • Size

    1.0MB

  • Sample

    241004-expeyatgjq

  • MD5

    11ceaf50af64726138e16f7d7becda64

  • SHA1

    e14d059d9fe1b498c7cecbe0d6cd816fab01c63e

  • SHA256

    2a31c152927b6f47648b6bec7599c410177fb80661c3a76e884601e347576534

  • SHA512

    813236cdefc29838cb76a41ef6ca4b0223bca7382db7c3be2f9c07d4f55c6a3b64c87e16692969a65526a82efa189e320674b83aea10c32763dffd0fde97d8b3

  • SSDEEP

    24576:4LiOqlFJfeUmg8IzCM8uz3RxyLUfTxyxgAKPJPNTykwST2v:4L8Wtg8IzCUz3HQjxXKP35XTO

Malware Config

Targets

    • Target

      11ceaf50af64726138e16f7d7becda64_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data (for example Chromium's Login Data and Cookies SQLite databases, or Firefox's logins.json and key4.db), which can contain saved credentials, session cookies and autofill data.

    • Checks installed software on the system

      Looks up entries under the registry Uninstall keys (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node and HKCU equivalents) to enumerate software installed on the system, typically to detect security products or analysis tools.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plugins for Internet Explorer. They are registered by CLSID under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects and are loaded into every Internet Explorer process, which makes them a persistence and credential-interception mechanism for malware.
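The following PowerShell is an added example for host triage and is not part of the tria.ge report or the sample's own behaviour. It covers the two registry-backed signatures above: it enumerates the Uninstall keys the same way a sample would to inventory installed software, and it lists every registered Browser Helper Object, resolves each CLSID to its DLL and checks the DLL's Authenticode signature and location. It assumes an elevated PowerShell 5.1 or later session on the host under review; the registry paths are the documented locations for Uninstall entries, BHO registrations and COM InprocServer32 values.

```powershell
# Added triage example (not from tria.ge or the analysed sample).
# Assumes an elevated PowerShell 5.1+ session on the Windows host being reviewed.

# 1. What the sample does: enumerate installed software via the Uninstall keys
#    (64-bit HKLM view, 32-bit WOW6432Node view, and per-user HKCU installs).
$uninstallRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
)
$installed = foreach ($root in $uninstallRoots) {
    Get-ChildItem -Path $root -ErrorAction SilentlyContinue |
        ForEach-Object { Get-ItemProperty -Path $_.PSPath } |
        Where-Object { $_.DisplayName } |
        Select-Object DisplayName, DisplayVersion, Publisher, InstallDate
}
$installed | Sort-Object DisplayName | Format-Table -AutoSize

# 2. What a responder wants: every registered BHO, resolved to its DLL, with signer status.
#    Internet Explorer loads each CLSID listed here through its InprocServer32 default value.
$bhoRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
)
$classRoots = @(
    'HKLM:\SOFTWARE\Classes\CLSID',
    'HKLM:\SOFTWARE\WOW6432Node\Classes\CLSID',
    'HKCU:\SOFTWARE\Classes\CLSID'
)
$bhos = foreach ($root in $bhoRoots) {
    Get-ChildItem -Path $root -ErrorAction SilentlyContinue | ForEach-Object {
        $clsid = $_.PSChildName
        # Resolve CLSID -> DLL path; the first classes view that has an InprocServer32 wins.
        $dll = $null
        foreach ($classRoot in $classRoots) {
            $srv = Get-ItemProperty -Path "$classRoot\$clsid\InprocServer32" -ErrorAction SilentlyContinue
            if ($srv -and $srv.'(default)') {
                $dll = [Environment]::ExpandEnvironmentVariables($srv.'(default)')
                break
            }
        }
        $sig = if ($dll -and (Test-Path -LiteralPath $dll)) {
            (Get-AuthenticodeSignature -FilePath $dll).Status
        } else {
            'DLL missing'
        }
        # Flag anything unsigned, unresolvable, or living outside Program Files / Windows:
        # user-writable drop locations (AppData, Temp, ProgramData) are a common malware tell.
        $trustedPath = $dll -and ($dll -match '^[A-Za-z]:\\(Program Files( \(x86\))?|Windows)\\')
        $suspicious = (-not $trustedPath) -or ($sig -ne 'Valid')
        [PSCustomObject]@{
            CLSID      = $clsid
            DLL        = $dll
            Signature  = $sig
            Suspicious = $suspicious
        }
    }
}
$bhos | Format-Table -AutoSize
```

Review any row marked Suspicious against the sandbox's dropped-file list: a BHO whose DLL sits in a user profile directory and carries no valid signature is the pattern the "Installs/modifies Browser Helper Object" signature describes. Remove the CLSID from the Browser Helper Objects key and delete the DLL only after collecting both for analysis.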

MITRE ATT&CK Enterprise v15

Tasks