General

  • Target

    c9eac63f583edaca596e4102c3900771_JaffaCakes118

  • Size

    156KB

  • Sample

    241205-3j38yatqhl

  • MD5

    c9eac63f583edaca596e4102c3900771

  • SHA1

    2c35aa8aeb1a5d898f05d5f1af8fe732bf4bdd24

  • SHA256

    b841c253a2fc6b627b2a278cd6d1fea9cf88fde99d28ef11a2644d0ed22f6480

  • SHA512

    0186f89a4a059416705c60b3d4dbd3337b8bc8bff8804e49dd66aa8d5de296a3a71c91c324c3b2374117d639a57f613408d0af54d441fc124683f59c78a83ac5

  • SSDEEP

    3072:UfWtcjNULF5L1PBzQCZys7BDipPSfazCwrbjGuWQGOxv:QtjqLF5L1fZys7BDwPCcGu0Ot

Targets

    • Target

      c9eac63f583edaca596e4102c3900771_JaffaCakes118

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
