General
Target: JaffaCakes118_09d607bb679423c3a1636d922b0470a8
Size: 645KB
Sample: 241231-ht4bgatlbs
MD5: 09d607bb679423c3a1636d922b0470a8
SHA1: 29895b10fbb22ea67adc7c05f9bde69dc79d8f68
SHA256: 52c44545129a7efe21cc8a3b71a4166af528a5b5142425617dcc907f62471478
SHA512: 90413037654dec1ecdd469cdc8a863ae82ac586a30f9e683aa1b9e3f8a54bc494fb99860f4fd4af4e5bc1da6974501af5a3c91e063fb762528f2f559a23ce0b6
SSDEEP: 12288:rYG8GLVeUF+bZnoD2kUQf3zyJQ/aEy+W27jIhyeNnCZ:0G8GLwA+bZWXUQfDyqCINghygnCZ
Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_09d607bb679423c3a1636d922b0470a8.exe
Resource: win7-20240903-en
Malware Config
Targets
- Expiro family
- Expiro payload
- Executes dropped EXE
- Loads dropped DLL
- Unsecured Credentials: Credentials In Files
  Steal credentials from unsecured files.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops Chrome extension
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 2
Credentials In Files: 2