General

  • Target

    d76d39c59aa86990c4b93df62a066774_JaffaCakes118

  • Size

    162KB

  • Sample

    241208-relbsavrh1

  • MD5

    d76d39c59aa86990c4b93df62a066774

  • SHA1

    00c538a5e1a6bad55768998b44f99c6ae56633cf

  • SHA256

    05c80405e3db755a4e5ae985f7c32bc7d1039e36278dd1f845e1e07a34e2bf41

  • SHA512

    4aa7f240b55d310fa41839ed29ac9048ff1e1326f556df921b7585eeecc8db6e72986e6a3be1eb8fe0adfaca1b687826e20e78b4e3cfabdebc4d18c445340eb4

  • SSDEEP

    3072:gWtPChgcBSEWv1Jvo7MhpJvdQyj4mhDCVP5i0H0/xq0mKgDqSm5Z8pQEeq:JPzn1RVzvdz4LU/x4mvEZ

Targets

    • Target

      d76d39c59aa86990c4b93df62a066774_JaffaCakes118

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Modifies WinLogon for persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
