General

  • Target

    b4e8878e5b8fded3217d0e263296e388_JaffaCakes118

  • Size

    725KB

  • Sample

    241130-fqdwasykcp

  • MD5

    b4e8878e5b8fded3217d0e263296e388

  • SHA1

    4a7778fcc6011462cf1e7e9a7252129529aee000

  • SHA256

    67caab3ce1fe6bc1bdf7a3939f5e963e852beb894e927cd952fd545fe5e8c904

  • SHA512

    5cbb993b782f149333f78a031563c783bf5b66b35d07b9c82b0646dea340686e4a6ed738fb0c02899d8fdbbec12a5b4d6b23ffe9f675a0f7e452404bcf07f09f

  • SSDEEP

    12288:h1OgLdaORo99/rsFEt5hDG0SAMs9jR/jeRJKu9TJdwYGZtyjTje5jOSpJX:h1OYdaOROBsFEt5hDG0SAMs9jR/jaJn4

Targets

    • Target

      b4e8878e5b8fded3217d0e263296e388_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
