General

  • Target

    d4d2ed9af22b504d28a3c71ba44fb931_JaffaCakes118

  • Size

    164KB

  • Sample

    241208-c14mxssrfp

  • MD5

    d4d2ed9af22b504d28a3c71ba44fb931

  • SHA1

    785efcd0d606fa798b991bd9cb3cf945e7193a53

  • SHA256

    a20a0fa81c86275ebbb5aa0d465adc297391172e034ba4c3a9f73b5e34fe0922

  • SHA512

    4d9d82edf3faaf296955fc01717225223f7f10abd9c2566aba2d4e2bcf437548488086019400520ae7d697f7840237f147dd26274e44ffa2bf53176565306e55

  • SSDEEP

    3072:Y1wgtKwbbsgG6ZpBcxoOevxh2mo/uJ3bWhj6f0:Y1HQo9pZfmJuJ3q

Targets

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
