Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    d746ed616e2b46bb11331fe34b2b2982_JaffaCakes118

  • Size

    154KB

  • Sample

    241208-qqxzaavlhw

  • MD5

    d746ed616e2b46bb11331fe34b2b2982

  • SHA1

    4b4e43dceac86abcde1049db0ac13b0dfb49f037

  • SHA256

    bbf473f2a751ab98548acfbd17c14d6bfdaed02bb4f170d4a0b239f257e60532

  • SHA512

    8ba9bbfa2bc16e3fb782a54d9559a5c6f899ae7b67c19fa1062191db3a991fa474c176a5a1d3e954d4290af03d23c5d9eab7d90c967a7e0b88bfb0c41574bca1

  • SSDEEP

    3072:d1aNLwIWD2m9VfZzDYVzGYrhWqLtn62ImCzQWossLBPWRbfoHb61tjweG0:L19VfWwYZh67rkWqLERbAHb61t/

Malware Config

Targets

    • Target

      d746ed616e2b46bb11331fe34b2b2982_JaffaCakes118

    • Size

      154KB

    • MD5

      d746ed616e2b46bb11331fe34b2b2982

    • SHA1

      4b4e43dceac86abcde1049db0ac13b0dfb49f037

    • SHA256

      bbf473f2a751ab98548acfbd17c14d6bfdaed02bb4f170d4a0b239f257e60532

    • SHA512

      8ba9bbfa2bc16e3fb782a54d9559a5c6f899ae7b67c19fa1062191db3a991fa474c176a5a1d3e954d4290af03d23c5d9eab7d90c967a7e0b88bfb0c41574bca1

    • SSDEEP

      3072:d1aNLwIWD2m9VfZzDYVzGYrhWqLtn62ImCzQWossLBPWRbfoHb61tjweG0:L19VfWwYZh67rkWqLERbAHb61t/

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks