General

  • Target

    db7241a0d65a834adc9701d1878d2653_JaffaCakes118

  • Size

    158KB

  • Sample

    241209-zgw53avrhp

  • MD5

    db7241a0d65a834adc9701d1878d2653

  • SHA1

    4510482471b4f1a69635fdddec525d4e907212c4

  • SHA256

    4d49f015bd331bf7f5f75b80579179d6185ad9e44855d0db7e5113ff932a50ad

  • SHA512

    c02d4d667292c2d0f6f8f6f149603d8dc5210a6a8460b1d30f472bb6f91af5cdad1a57364befd3a68460e69fb47ae0a3bc5e535e706cc94997f304e53402ba8f

  • SSDEEP

    3072:+nOyU5aSxU9SCdHkW+5aTFl9GF8Y3QyxoPbV5Eq:EOyU5uSCWWSapl9Vu94H

Targets

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
