General

  • Target

    c93103ec961eb6dd2366d47e999b48c6_JaffaCakes118

  • Size

    170KB

  • Sample

    241205-yp5lqsyrh1

  • MD5

    c93103ec961eb6dd2366d47e999b48c6

  • SHA1

    482209e30098bc8c6528e34d985aec3ae11fd60e

  • SHA256

    171a0c90fb780b65688a1c7c185524c241b15983e7b5a64d8c6de5480d24a598

  • SHA512

    9942d7f4abb6031e5c08b1901826cb1e1098ea556529d042bcc17125b8411e01fb368859e4b8404db0e298fb249b49b43bc081cc5b18c602aa153be7547e2913

  • SSDEEP

    3072:D2d9X4953BCnv+nbPyx/gKeGv6QyqV9ERa9zPdolLPE0wazbIL6TR:DUI9tTbxK/v2qrV9zPOlLPE/Y

Targets

    • Target

      c93103ec961eb6dd2366d47e999b48c6_JaffaCakes118

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.