General

  • Target

    JaffaCakes118_52954c2358a97bda74c6c5b80f0c18b8

  • Size

    190KB

  • Sample

    250115-k17nkszmak

  • MD5

    52954c2358a97bda74c6c5b80f0c18b8

  • SHA1

    3fb8ee30d5f58c4dfaf6aed550b6ce46a71eedfa

  • SHA256

    22c7847fae88809cef808a3a3162fff078cf8cb093601a454d950b0cdd0363f9

  • SHA512

    1bd350f7cc35875d962d3d31689bfcaf8cb03246ee112b4f0255f3e7a02c383baf94ba6dca40f250dae3db6fef294c2d34c941602e0b168beda686637c970e5d

  • SSDEEP

    3072:H4ozKqV1QI7Y6zT0QxkZ+0V8YzksZsa6f2WribiX70fuUmjWh5n9BfCA9Q:H4GHV1xY84QCZ9V8YwmsafW/7qmjO/9C

Targets

    • Target

      JaffaCakes118_52954c2358a97bda74c6c5b80f0c18b8

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Modifies WinLogon for persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
