General

  • Target

    d5ca9fe5fabb6e73ac3ad7f2003a78be_JaffaCakes118

  • Size

    209KB

  • Sample

    241208-hrdm2awphz

  • MD5

    d5ca9fe5fabb6e73ac3ad7f2003a78be

  • SHA1

    2688607178016a520c6891d058824a1000c8b726

  • SHA256

    b3ad64505b046123795f34ea06bc446b49eb1ab7c49078223e13d44938bcaffd

  • SHA512

    72313e527e59c39dbaf121ac63d9149f8e598b43b1cb27b97ee634fd6361b81a4c05a70985268f3b3b48f469fbdef1a36dc359d5b251943f24487b2b79dc753d

  • SSDEEP

    6144:3dBQ+MZUKHr7aaBJMSQCEV3x2r2crsZ2kZlkpq+JSrwwY:3bQ9XBj2x2r3reZGi

Targets

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
