General

  • Target

    e3563b8f44d31ee37795092a84a4528e_JaffaCakes118

  • Size

    176KB

  • Sample

    241211-1jjhestndr

  • MD5

    e3563b8f44d31ee37795092a84a4528e

  • SHA1

    aeea6518b9129f6c25a98a5932eb36a257286feb

  • SHA256

    c6f79560d75fa7e7aed3dc0ed4a409b2da1079801f3c825b3537d993652a3845

  • SHA512

    1fea4eb86b76317f6dcf22e01c22eb197b569dbcf823e16de5b70446453da511bb47639bdb97a87beb44889fd381ffaba8422847fbd93e08d642b66b9848336e

  • SSDEEP

    3072:PZsEiz8LfmCmKSkPcJjmQk3yt+IymbuAB2RKwRB/pjWwbeSG:PZsE+K7cJjXk3ypyxezGB/pSwbeS

Targets

    • Target

      e3563b8f44d31ee37795092a84a4528e_JaffaCakes118

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Modifies WinLogon for persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
