Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    762c32ad7075ac7e8514d6c17a1d4cee_JaffaCakes118

  • Size

    250KB

  • Sample

    241027-11fg4atdqg

  • MD5

    762c32ad7075ac7e8514d6c17a1d4cee

  • SHA1

    2b766fe6bb4b6ddab332ec6ea27aa158efdae105

  • SHA256

    649dc0f7dae0fb859a01495eba11745a9b693bfddac8b66788aa2b67fd074392

  • SHA512

    a0f3b5ab757034711a146c2185c96f4e3a0bd5d9a8b7bd01ba0646d9e0b60c9bf0140dfd8ab464bd7d3d5396c29c046199d9f2ecbd5918096759c5322abc2cb7

  • SSDEEP

    6144:h1OgDPdkBAFZWjadD4s5iTuG9VfAMgao7XHN6BpdecYCA79:h1OgLdaOi19ZAWoDYx5vA79

Malware Config

Targets

    • Target

      762c32ad7075ac7e8514d6c17a1d4cee_JaffaCakes118

    • Size

      250KB

    • MD5

      762c32ad7075ac7e8514d6c17a1d4cee

    • SHA1

      2b766fe6bb4b6ddab332ec6ea27aa158efdae105

    • SHA256

      649dc0f7dae0fb859a01495eba11745a9b693bfddac8b66788aa2b67fd074392

    • SHA512

      a0f3b5ab757034711a146c2185c96f4e3a0bd5d9a8b7bd01ba0646d9e0b60c9bf0140dfd8ab464bd7d3d5396c29c046199d9f2ecbd5918096759c5322abc2cb7

    • SSDEEP

      6144:h1OgDPdkBAFZWjadD4s5iTuG9VfAMgao7XHN6BpdecYCA79:h1OgLdaOi19ZAWoDYx5vA79

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks