General

  • Target

    e43bfbdaf98a56bafaa9a2335f4f5308_JaffaCakes118

  • Size

    176KB

  • Sample

    241212-cmxmfswrez

  • MD5

    e43bfbdaf98a56bafaa9a2335f4f5308

  • SHA1

    c311ec51e5ce9c89294fe9b7a670cc7209e8d104

  • SHA256

    ba01d0bc21857a70b3871bba9248508357342b1f05c25e3b02201c2a5d7fac99

  • SHA512

    a33501a29e38a75e543e3e05753ac7e78385f0aed610a608d9fe09732b986e887bc47d7b71e54f567ec60da1583d869c99821ffc51f1054ec94cabcfc2c2aed1

  • SSDEEP

    3072:H6NJ7am8oFpXqNz4ozeL8UoizcoDh9oPQY3VzyAXmKLdiGsy5VQs3:aqoFpw2tcRtBzXmKj

Targets

    • Target

      e43bfbdaf98a56bafaa9a2335f4f5308_JaffaCakes118

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
