General

  • Target

    e32d431c7e28cf4392cabf071876c830_JaffaCakes118

  • Size

    179KB

  • Sample

    241211-zntnhssmhl

  • MD5

    e32d431c7e28cf4392cabf071876c830

  • SHA1

    5a7e765a22c1b17a367605629c0585a94f4d42c1

  • SHA256

    09a79b2d84ce8c6c9ed98ae25dcbfdd8b69edaa2d07e1418a452b622399468de

  • SHA512

    0068c9ba1f3ec2fa02401b2f309358a0a001a4019471f13b434a5ac04de2893c482ba911d44b6d73815f879c5d10c93ebad8f1dab94336a3f34a98f06356b382

  • SSDEEP

    3072:Qvpp4K6gHfihdTAMqciIrCRSSINuE4uVmqfWVpkmvFbYdupGb3HSbtLnlr+6Z6nZ:yH46HfihdTAMsIrCvhE4uEqEvFbYdefX

Targets

    • Target

      e32d431c7e28cf4392cabf071876c830_JaffaCakes118

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Modifies WinLogon for persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
