Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    d933b96bdbf6362c640d7c97fe9f213a_JaffaCakes118

  • Size

    170KB

  • Sample

    241209-mp1r1azjgm

  • MD5

    d933b96bdbf6362c640d7c97fe9f213a

  • SHA1

    727ba56215856493a986a3a0eb0c8b6d338dfed0

  • SHA256

    493c11cff84d5664f7a8b80238bfc5e1d40c5c5a534fdcfe3f0f557eb9e1ddb7

  • SHA512

    928d2e9d812e2756d0402841c25621d76933d88c218cdeb2d47352b4cd615831944865ed89ae28105f63681501d272aa165b2ec2fa136495ac4667738adfff54

  • SSDEEP

    3072:TWTp7FGUqNppEwIXBMB/2Uj3WOrnI5Gg7VVhrY+flZNOR6Z4wk:TWTpZZqhETxMURceSu

Malware Config

Targets

    • Target

      d933b96bdbf6362c640d7c97fe9f213a_JaffaCakes118

    • Size

      170KB

    • MD5

      d933b96bdbf6362c640d7c97fe9f213a

    • SHA1

      727ba56215856493a986a3a0eb0c8b6d338dfed0

    • SHA256

      493c11cff84d5664f7a8b80238bfc5e1d40c5c5a534fdcfe3f0f557eb9e1ddb7

    • SHA512

      928d2e9d812e2756d0402841c25621d76933d88c218cdeb2d47352b4cd615831944865ed89ae28105f63681501d272aa165b2ec2fa136495ac4667738adfff54

    • SSDEEP

      3072:TWTp7FGUqNppEwIXBMB/2Uj3WOrnI5Gg7VVhrY+flZNOR6Z4wk:TWTpZZqhETxMURceSu

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks