General

  • Target

    JaffaCakes118_73330cb0719b37116583e48070d792a2

  • Size

    34KB

  • Sample

    250107-xa1hssvpap

  • MD5

    73330cb0719b37116583e48070d792a2

  • SHA1

    c1e778eb93bf93a37e321463bc66cf6e12f1df31

  • SHA256

    a60e38107c45d60fafe0b7b4c07f7dc1ccd4bb123f14877e997888df99ac375c

  • SHA512

    fb552465d00fc1df42984793fac16e115ea74a9f7be7c8447ed33be961f002cb6bfd0e397815d645966dd87b0f49d17909899715883da069ac4b285f969520dc

  • SSDEEP

    768:Ip22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:IpYoX58z1uirL98xMWnT0OQ9J2

Targets

    • Target

      JaffaCakes118_73330cb0719b37116583e48070d792a2

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

    • Tinba family

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
