General

  • Target

    JaffaCakes118_2212e1e483f4db62f625f8abfeb4c942

  • Size

    165KB

  • Sample

    250113-f6qj2axqhx

  • MD5

    2212e1e483f4db62f625f8abfeb4c942

  • SHA1

    c4671dcdf9e7a1348f9504fb6bf6a13f099734f7

  • SHA256

    273e6e9469748b89fdcf45d11d95ccaa31775c639b6ced54cd0756e382480018

  • SHA512

    818e1687a498f833b7fd29a73e4e212eeb989fc1b76bb82e2d92259414635000f4e264e7792b1498b1adba5b79d26d2c5e61a811a9517742291c044393bfd525

  • SSDEEP

    3072:6o53+GnxSJhBpQ11hWn7qnS6VtaC6zS59RKQLlTPub8SdXkeK/GnzonfIf:UGUlWon7qSgNRVFuMnfIf

Malware Config

Targets

    • Target

      JaffaCakes118_2212e1e483f4db62f625f8abfeb4c942

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Modifies WinLogon for persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks