General

  • Target

    c8509dbdf5cc70ffdc451efbe6f1328c_JaffaCakes118

  • Size

    193KB

  • Sample

    241205-sn4edswmal

  • MD5

    c8509dbdf5cc70ffdc451efbe6f1328c

  • SHA1

    8da22f9403e5fa6c1db34d60785b6850259f1958

  • SHA256

    c9e8a9c1d15153168c3e22f04cae35cb2f57bc3a1c7b28416f68f146a6997c46

  • SHA512

    4c11358d749a1289d59dc13b401e0310fc1d724309ce20fcf26b68648a851fe3a4d8010da16e9173297ab8e5e0c2bb4457e16a7c10db3c1310dfb3b50ceb6d16

  • SSDEEP

    6144:kQGlhY0BAc0AIO24Dg2z22jJRK1PWJZ8GQ:9EhYU0ANDg2z22jJRuSmGQ

Targets

    • Target

      c8509dbdf5cc70ffdc451efbe6f1328c_JaffaCakes118

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Modifies WinLogon for persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
