General

  • Target

    2de0cb554e5f3c6f1365f3e5d13f3639_JaffaCakes118

  • Size

    1.0MB

  • Sample

    241009-kbjkfssfrc

  • MD5

    2de0cb554e5f3c6f1365f3e5d13f3639

  • SHA1

    0d79035c83a7899ae857822c9ff2d1d2f4ca0e96

  • SHA256

    d39c4e12d513024eea1fbb09eebe347a99777b8cc4a0c5586d935038875a1e15

  • SHA512

    18157aef9f9b7a13045a65a0d818922f8594f50790ecc93ec375dc47285e9e436933a3eafde01b4624ac6b861fef9ec2fc1b3aa862dbe52327411c4d455fedbe

  • SSDEEP

    24576:cLiyZKWTMbZVlH50dG37v1JCbvbonvbYpM:cLhZyNudGLD8Kp

Malware Config

Targets

    • Target

      2de0cb554e5f3c6f1365f3e5d13f3639_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15

Tasks