General

  • Target

    16d673c834a48df5dfcc983333c84c12_JaffaCakes118

  • Size

    255KB

  • Sample

    241005-jv2dyathml

  • MD5

    16d673c834a48df5dfcc983333c84c12

  • SHA1

    9cce1cae7c37588d824ae2c9ee3d12ceeace4e30

  • SHA256

    81e3ccca7aa76b45e744d1e755933df7b63d10d7ce29d5b5b15c6ffacaa52894

  • SHA512

    3de82e5d712a590233e4c7ac8e7db6077adb04b2cad92ee8c98a8ecdf68c415fdc336a47c891559b91d9baf5c180dcc9ab3b574248c66eeb2d9064aedde3515c

  • SSDEEP

    6144:h1OgDPdkBAFZWjadD4s5T9FI1yx7In8RL3+6wjk8vfBuB:h1OgLdaO4aUn8RrZo0B

Targets

    • Target

      16d673c834a48df5dfcc983333c84c12_JaffaCakes118

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and browsing history.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, including its Wow6432Node mirror on 64-bit Windows) to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that Internet Explorer loads as plugins at startup, which gives the module code execution inside the browser process.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
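Three of the behavioural signatures above (Browser Helper Object installation, Uninstall-key enumeration, Chrome extension drop) can be re-derived from a registry/file event trace. The script below is an added example written for this page, not tria.ge's signature code: the event format (dicts with pid, op, path, value), the threshold of five Uninstall subkeys, the CLSID and the trace itself are all constructed for illustration. The BHO rule also resolves the CLSID's InprocServer32 value, which is where the DLL path actually lives.

```python
"""Re-derive three of the report's behavioural signatures from a registry/file event trace.

Event format (assumed, sandbox-agnostic): dicts with pid, op, path and optional value,
where op is one of regkey_open, regvalue_set, file_write.
"""
import re
from collections import defaultdict

# Key paths are matched case-insensitively; Wow6432Node is where a 32-bit process's
# HKLM\Software writes land on 64-bit Windows.
BHO_KEY = re.compile(
    r"\\Software\\(?:Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Explorer"
    r"\\Browser Helper Objects\\(\{[0-9A-F-]{36}\})$", re.I)
INPROC_KEY = re.compile(r"\\CLSID\\(\{[0-9A-F-]{36}\})\\InprocServer32$", re.I)
UNINSTALL_KEY = re.compile(
    r"\\Software\\(?:Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\[^\\]+$", re.I)
# Chrome unpacked-extension directory: <profile>\Extensions\<32-char id in a-p>\<version>\
CHROME_EXT_DIR = re.compile(r"\\Google\\Chrome\\User Data\\[^\\]+\\Extensions\\[a-p]{32}\\", re.I)


def evaluate(events, uninstall_threshold=5):
    """Return {signature name: [evidence, ...]} for the signatures that fire."""
    hits = defaultdict(list)
    uninstall_opens = defaultdict(set)   # pid -> distinct Uninstall subkeys opened
    inproc = {}                          # CLSID -> DLL path from its InprocServer32 value
    bho_clsids = []
    for ev in events:
        op, path = ev["op"], ev["path"]
        if op == "regkey_open" and UNINSTALL_KEY.search(path):
            uninstall_opens[ev["pid"]].add(path.lower())
        elif op == "regvalue_set":
            m = INPROC_KEY.search(path)
            if m:
                inproc[m.group(1).upper()] = ev.get("value", "")
            m = BHO_KEY.search(path)
            if m:
                bho_clsids.append(m.group(1).upper())
        elif op == "file_write" and CHROME_EXT_DIR.search(path):
            hits["Drops Chrome extension"].append(path)
    # A BHO entry is only a CLSID; the DLL IE will load is the CLSID's InprocServer32 value.
    for clsid in bho_clsids:
        hits["Installs/modifies Browser Helper Object"].append(
            f"{clsid} -> {inproc.get(clsid, 'InprocServer32 not seen in trace')}")
    # A single Uninstall lookup is normal (installers check their own entry);
    # walking many subkeys is software enumeration.
    for pid, keys in uninstall_opens.items():
        if len(keys) >= uninstall_threshold:
            hits["Checks installed software on the system"].append(
                f"pid {pid} opened {len(keys)} Uninstall subkeys")
    return dict(hits)


UNINSTALL_ROOT = r"HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall"
FAKE_CLSID = "{A1B2C3D4-E5F6-4A5B-8C7D-9E0F1A2B3C4D}"   # invented for this example

# Constructed trace, not taken from the report: pid 1234 behaves like the sample, pid 5678 is benign.
SAMPLE_EVENTS = [
    {"pid": 1234, "op": "regvalue_set",
     "path": r"HKCR\CLSID" + "\\" + FAKE_CLSID + r"\InprocServer32",
     "value": r"C:\ProgramData\ToolbarHelper\helper.dll"},
    {"pid": 1234, "op": "regvalue_set",
     "path": r"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer"
             r"\Browser Helper Objects" + "\\" + FAKE_CLSID, "value": ""},
    {"pid": 1234, "op": "file_write",
     "path": r"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions"
             r"\abcdefghijklmnopabcdefghijklmnop\1.0_0\manifest.json"},
] + [
    {"pid": 1234, "op": "regkey_open", "path": UNINSTALL_ROOT + "\\" + name}
    for name in ("7-Zip", "Google Chrome", "Java 8 Update 291", "Mozilla Firefox", "VLC", "WinRAR")
] + [
    {"pid": 5678, "op": "regkey_open", "path": UNINSTALL_ROOT + "\\" + "7-Zip"},
    {"pid": 5678, "op": "regvalue_set",
     "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater", "value": "x"},
]

if __name__ == "__main__":
    for sig, evidence in evaluate(SAMPLE_EVENTS).items():
        print(sig, evidence)
```

The pid 5678 events deliberately do not fire anything: one Uninstall lookup is what an installer does for its own entry, and the Run-key write is persistence, which is a separate signature not listed on this page.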

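The two packer signatures above (UPX, ACProtect) are static checks on the file. The script below is an added example, not tria.ge's detector: it parses the PE section table by hand, flags the UPX0/UPX1/UPX2 section names and the "UPX!" header marker, and falls back to a generic shape (a high-entropy section next to a section that has virtual size but no bytes on disk) for modified UPX builds that rename their sections. The PE built by build_test_pe is a constructed test input, not the sample from this report; the 7.0 entropy threshold is an assumption.

```python
"""Static packer triage: read the PE section table and look for UPX indicators."""
import math
import struct
import sys
from collections import Counter

UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}


def parse_sections(data: bytes):
    """Return [(name, raw_offset, raw_size, virtual_size)] from the PE section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4                      # IMAGE_FILE_HEADER follows the signature
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_opt = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + size_opt             # section headers follow the optional header
    out = []
    for i in range(num_sections):
        name, vsize, _vaddr, rsize, rptr = struct.unpack_from("<8sIIII", data, table + i * 40)
        out.append((name.rstrip(b"\0"), rptr, rsize, vsize))
    return out


def shannon_entropy(buf: bytes) -> float:
    """Bits per byte: packed or encrypted data sits near 8.0, code and text well below."""
    if not buf:
        return 0.0
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in Counter(buf).values())


def upx_indicators(data: bytes) -> dict:
    sections = parse_sections(data)
    f = {"upx_section_names": [], "upx_marker": b"UPX!" in data,
         "high_entropy_sections": [], "empty_raw_sections": []}
    for name, rptr, rsize, vsize in sections:
        text = name.decode("latin-1")
        if name in UPX_SECTION_NAMES:
            f["upx_section_names"].append(text)
        if rsize == 0 and vsize > 0:         # UPX0 shape: room for unpacked code, nothing on disk (.bss looks the same)
            f["empty_raw_sections"].append(text)
        if shannon_entropy(data[rptr:rptr + rsize]) > 7.0:   # threshold is an assumption
            f["high_entropy_sections"].append(text)
    f["likely_upx"] = bool(f["upx_section_names"]) or f["upx_marker"]
    # Renamed sections defeat the name check; a high-entropy section beside an
    # empty-on-disk one is the generic shape of an in-place unpacker.
    f["likely_packed"] = f["likely_upx"] or (bool(f["high_entropy_sections"]) and bool(f["empty_raw_sections"]))
    return f


def build_test_pe(section_names, payload: bytes, reserve_first=False, marker=False) -> bytes:
    """Constructed minimal PE for exercising the parser (not a real or runnable binary)."""
    e_lfanew, size_opt, raw_base = 0x40, 0xE0, 0x200
    dos = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, size_opt, 0x102)
    table, blobs = b"", b""
    for i, name in enumerate(section_names):
        if i == 0 and reserve_first:
            vsize, rsize, rptr = 0x10000, 0, 0   # mirrors UPX0: virtual space, no bytes on disk
        else:
            vsize, rsize, rptr = len(payload), len(payload), raw_base + len(blobs)
            blobs += payload
        table += struct.pack("<8sIIII", name.ljust(8, b"\0"), vsize, 0x1000 * (i + 1), rsize, rptr)
        table += b"\0" * 16                  # remaining section header fields, unused here
    header = dos + b"PE\0\0" + coff + b"\0" * size_opt + table
    if marker:
        header += b"UPX!"                    # UPX writes its own header right after the section table
    return header.ljust(raw_base, b"\0") + blobs


if __name__ == "__main__":
    with open(sys.argv[1], "rb") as fh:
        for key, value in upx_indicators(fh.read()).items():
            print(f"{key}: {value}")
```

Run it as `python upx_check.py <file>` against the sample after downloading it from the report. Section names are the weakest signal here: they are trivially renamed, which is why the report's signature description mentions "modified UPX" and why the entropy fallback is worth keeping.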