General

  • Target

    76712364ba5486f52e387a5561bdba20_JaffaCakes118

  • Size

    688KB

  • Sample

    241027-27hrgavdka

  • MD5

    76712364ba5486f52e387a5561bdba20

  • SHA1

    35d175967531d509fa484caa1fb5e5e5012eb457

  • SHA256

    bea2c7b1a071d7a265612dd020d1154811f52a7f57cc2ae8cee49f6ec4325bca

  • SHA512

    66113b4456690e5b223b8433018833382b31a58e2bbd0be82b1d164e64270916bcd6722a068bff19a9abd17a7756e0ef38f9ebc83a40620b31afbd52bcc6ffa4

  • SSDEEP

    12288:zFSg+jAArTFhaDk8HrkPS8nUHDH8fW5pjqAYMlqSsI4qD4xfEMwsCyEZGE:hl+EArTFhaNZ8nUHDH8fWP+AYABvRD4Y

Malware Config

Targets

    • Target

      76712364ba5486f52e387a5561bdba20_JaffaCakes118

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext
