General

  • Target

    d52e6e52485008f1df333c279c368783_JaffaCakes118

  • Size

    178KB

  • Sample

    241208-er7dkaskax

  • MD5

    d52e6e52485008f1df333c279c368783

  • SHA1

    5e8d9f961d5a598f8cf2d834bbb1218d48b67298

  • SHA256

    e0dcd3b33e78147ec3c91bb889064ff109c4544280e03c03c95d3118fd9a7601

  • SHA512

    593d2385de7dde1e59e69f7d02bb4c2c43f5c62ed30101a3877ca5853650f67b635a3342b2cca06728b017ecbe5d261078474156c58fba78bb8336c1c546f8a5

  • SSDEEP

    3072:115VVdZedtq4IFmlOaoT5iJkwMbL4hUiAZ7s/vcVebz48jMfEwwn3H5hL9wDSqax:LatOF3aoTtohytAbz4/fEww3Hr94Nxo

Targets

    • Target

      d52e6e52485008f1df333c279c368783_JaffaCakes118

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Modifies WinLogon for persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
