General

  • Target

    e02065dd6de002344c388e7bdfbf97a2_JaffaCakes118

  • Size

    186KB

  • Sample

    241211-gg9r2szkas

  • MD5

    e02065dd6de002344c388e7bdfbf97a2

  • SHA1

    656541469d8c18b8fe9a9854bbb1c369b7bf1054

  • SHA256

    b5594c11132ca3d4a85ddbc38ba6d713e60d6378faead1955277bd6f7c63de8f

  • SHA512

    997beed2bf97230a7ada298dd8ea358ee7bd7bae256b308cff33de303511655abf7a340b9aea7ad45ff01071c1e90ca33f01dd4b4790cb62a28c2820a0d57cd4

  • SSDEEP

    3072:QLygpWZzpUyotbiI8IlPTsIxCW1wE8Mso/Hz5OsGdrBNT7QnG:QWRKN/QIxCm3hdN3GdrB6n

Targets

    • Target

      e02065dd6de002344c388e7bdfbf97a2_JaffaCakes118

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
