Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    571d5c4b38305641cacafc463d6f9cef_JaffaCakes118

  • Size

    82KB

  • Sample

    241018-m972tatdmc

  • MD5

    571d5c4b38305641cacafc463d6f9cef

  • SHA1

    64c6f7efe42b72d5da38adf025b156d18cc9c59b

  • SHA256

    69ac420621d91567fb3b01e59493cfd723a977962ca3d80fe99c17780225d8f4

  • SHA512

    292130eec577a96fc0c8d94706893f0c0cc05581b78f438292f783686c796d0ffa21200308c6bb0aa8eecc6d786fd31b1c289d4f94909eca6e2b151708e078da

  • SSDEEP

    1536:lFYSF3bc72R2WbtjZTovF/AvSw6RRBJWbciBZFCv2P0Vi20rYa3Uqwu:lPg729btBovpvw6RRsbB2O2iT+Tu

Malware Config

Targets

    • Target

      571d5c4b38305641cacafc463d6f9cef_JaffaCakes118

    • Size

      82KB

    • MD5

      571d5c4b38305641cacafc463d6f9cef

    • SHA1

      64c6f7efe42b72d5da38adf025b156d18cc9c59b

    • SHA256

      69ac420621d91567fb3b01e59493cfd723a977962ca3d80fe99c17780225d8f4

    • SHA512

      292130eec577a96fc0c8d94706893f0c0cc05581b78f438292f783686c796d0ffa21200308c6bb0aa8eecc6d786fd31b1c289d4f94909eca6e2b151708e078da

    • SSDEEP

      1536:lFYSF3bc72R2WbtjZTovF/AvSw6RRBJWbciBZFCv2P0Vi20rYa3Uqwu:lPg729btBovpvw6RRsbB2O2iT+Tu

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      $TEMP/MpegBuster.exe

    • Size

      23KB

    • MD5

      90d86909b73d3112e8f7c80ae353b3e4

    • SHA1

      7db0624c31fa6a03a0354cb36bfa475851a06702

    • SHA256

      93a706f1dbc4de3a1250e3e6d2c2c9534bf030b8fe8a12f271b6030d67492346

    • SHA512

      0ffc27c054405d58e3b8dd57537856e18f6509448b622acf57fb62890cc6367c1163a09dd05d351291f3055eafe8152bac1a26f784c6f75845030114a1e7a241

    • SSDEEP

      384:KptFzDeX9nvFqmQ3oanvnRS8n9IdnkfPjNkRFmVL/DLAxQ7fUdoNv/Fx:mhqX9ntqjvRS8mo6R0lHAqrUdS7

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Target

      Uninstall.exe

    • Size

      60KB

    • MD5

      6f5da74f61b6a47926343eb9910acc44

    • SHA1

      dcd5491faa78fa2b8000dca4406616dabbe95e49

    • SHA256

      68c52474873609f2f75c0bb9bbd0c46de026cd40fc19f44865acf1e9976282f3

    • SHA512

      8709acdbc39ad0657650246a38940925288658e44ea45eec4a354a8f58cd6aa371e270055f5bb5df1720c09ed110f8e4cc7a9662ca566405726acae6b9e711a2

    • SSDEEP

      1536:lFYSF3bc72R2WbtjZTovF/AvSw6R0BJW4:lPg729btBovpvw6R0D

    Score
    7/10
    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks