General

  • Target

    5775067330c393f0919f8885d8121be9_JaffaCakes118

  • Size

    1.0MB

  • Sample

    241018-pq9seaxana

  • MD5

    5775067330c393f0919f8885d8121be9

  • SHA1

    c9138ae49ce20e04b35f04a0482929ed56c157ab

  • SHA256

    d87667080b5a0b61e09161b6ebaeb9e080c24bec0369818deb1dbed359cb1a06

  • SHA512

    53ffafeb667be27f485abd3ab9a416554749aa79f70b655edb3ad9341658c6b75a71cdf8abaaac4534773a73de18f6d57f15491bf48e3eca5b0470ba6d6ec177

  • SSDEEP

    24576:PLiyfHEEeH+36nFTy/Oy+yJHYkym8Y2B4DXQ37eHFHzJd:PLtPEEee36Fdy+yJHEmuByg37e5b

Targets

    • Target

      5775067330c393f0919f8885d8121be9_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
