General

  • Target

    3efe20bac6af3fd75a94829bfaa20101_JaffaCakes118

  • Size

    1.0MB

  • Sample

    241013-k48eaaydnc

  • MD5

    3efe20bac6af3fd75a94829bfaa20101

  • SHA1

    ca57a75436de6a2364e69462a886f52cfb343689

  • SHA256

    a3daa255e9b753f4abc4a81e27d62b6858e14689509287c3938e6a41d0e36d82

  • SHA512

    36292ed9d66a04dce3dbd3aa42dd06dc77131d825f2d9ad0956c26bcaeebf3dc6ab3eafaab98e22a8a42f06d60c07594b71fb3876a16cc71e42304deb0cfe6ce

  • SSDEEP

    24576:4LidS4G4gPVf0xTBuzAMCdPTgMGOSta77nRE:4LE5sVfRAMC9TgMGO0sRE

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15

Tasks