Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    d745c96c93f748979cbb107c83b14b47_JaffaCakes118

  • Size

    188KB

  • Sample

    241208-qp1nsavlfw

  • MD5

    d745c96c93f748979cbb107c83b14b47

  • SHA1

    43600e493360d35ca36a37f25aaaa0300b800e39

  • SHA256

    081b1d2bf111ffb73c006898c0d780ebf94fd0f588b6682141a2e8d008eb2436

  • SHA512

    7044785b3c8331c9a5fa2d6ae80a8dec765b56d9bbb54c32103c135f779935d73b20ecd57d62a1f98ec257144cdecf551de9c0735a11f15989653b24fe406ac6

  • SSDEEP

    3072:NCDtmPfvI6ZSnltQiOWChJE5megaGuTKhFKsbiQjoiDedMd/0AwX6Jgb1IP8M6L9:NPPI6ZSlwWE1zaNTK6sbiQjoXUMAwKJM

Malware Config

Targets

    • Target

      d745c96c93f748979cbb107c83b14b47_JaffaCakes118

    • Size

      188KB

    • MD5

      d745c96c93f748979cbb107c83b14b47

    • SHA1

      43600e493360d35ca36a37f25aaaa0300b800e39

    • SHA256

      081b1d2bf111ffb73c006898c0d780ebf94fd0f588b6682141a2e8d008eb2436

    • SHA512

      7044785b3c8331c9a5fa2d6ae80a8dec765b56d9bbb54c32103c135f779935d73b20ecd57d62a1f98ec257144cdecf551de9c0735a11f15989653b24fe406ac6

    • SSDEEP

      3072:NCDtmPfvI6ZSnltQiOWChJE5megaGuTKhFKsbiQjoiDedMd/0AwX6Jgb1IP8M6L9:NPPI6ZSlwWE1zaNTK6sbiQjoXUMAwKJM

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks