General

  • Target

    d49d94af40aeab7b481e7b42b7dae302_JaffaCakes118

  • Size

    165KB

  • Sample

    241208-bz7shsvnez

  • MD5

    d49d94af40aeab7b481e7b42b7dae302

  • SHA1

    da76aa3018754acae1ef1900ababc7b7f0afbc7f

  • SHA256

    93c500600e4a24419a3558848efa7941c473a88bd1a7b47a428d59e2fa7e7542

  • SHA512

    80b67460c68c427d243a5031c3cc6811d8a19dc7b417b56db998f563bd65de7b1e1df4285a229872a309d015c3d29fec83074c9ba9c6686b96fa7d092481cd10

  • SSDEEP

    3072:lBRqOlBpWvra62io4pwelGSGHoDhITmsHF8ivJCfpVtVfubeBKHM1904fPqu:PRVmLhpwwnDiTJ76Lub3K9q

Targets

    • Target

      d49d94af40aeab7b481e7b42b7dae302_JaffaCakes118

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
