General

  • Target

    540506c3f78b5d75987d66c683c549a4_JaffaCakes118

  • Size

    557KB

  • Sample

    241017-19kheatalr

  • MD5

    540506c3f78b5d75987d66c683c549a4

  • SHA1

    52846213d37f5ff462d7344446afaf2b5b52c352

  • SHA256

    6436b9c3d8419c12c92c3a6cddfd43c611809495894034ec0b7f13d738da6b1c

  • SHA512

    3603630b1cf611d8025cd0395bf3ca65b494ead464b5aa5e96afb2c81a90f9ecfc32423d6db99ca8caee750de8ab648e9b73af57e357a46b3251c962d232be57

  • SSDEEP

    12288:PGprxNCP22qurlbSoweEIdo94haP+qeRMMzZ:PGxxNCxDpOreEgo94haPviMMzZ

Targets

    • Target

      540506c3f78b5d75987d66c683c549a4_JaffaCakes118

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
