General

  • Target

    d69a72bb30a04545e9bf4abe245d3630_JaffaCakes118

  • Size

    175KB

  • Sample

    241208-mmy6ds1lbt

  • MD5

    d69a72bb30a04545e9bf4abe245d3630

  • SHA1

    3fda4656f69f9aab573ee71a5a3fbc4dfa222a0e

  • SHA256

    eb548181ee69a324ac1120beaa1e52449311f861001017294c284b5b7474ade1

  • SHA512

    bde34d26496226809e37549a22508e2461afd72cf139f1aad88173272a54de7d8dbc5ba34b64b2402023792aba49ef45225a67d3e336283cb747559f14ee3e7e

  • SSDEEP

    3072:jbo/D0tSi4V6PecwoCKpY7bYt8m9wF/ZkGq/BdOt8NTH9q+5jkkS9:j4WSpV6Pecdn67bY6/kbjPAr

Targets

    • Target

      d69a72bb30a04545e9bf4abe245d3630_JaffaCakes118

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
