General

  • Target

    JaffaCakes118_5fdddb58eff27abfc378771fbe002469

  • Size

    157KB

  • Sample

    250115-x5yyfstpar

  • MD5

    5fdddb58eff27abfc378771fbe002469

  • SHA1

    61af536b1ad31d6944fef4f05e476a848adf66d8

  • SHA256

    4dfe59ecb62e857148462091f0d55cf42866e895c184a22c12e54221f02770b0

  • SHA512

    4d66ff64d2f976672cdf1fd78971ab32347c2d709672a4b1a1177eff2a7f915cfb95de0de9815573d04f42edea16e9bd777209fc978c80172115e1d15433ee1f

  • SSDEEP

    3072:gKOHaunuo8yRlPyPqKukSrpyXhd3fScjzpC:gxaguohRlPRjrmhcgo

Targets

    • Target

      JaffaCakes118_5fdddb58eff27abfc378771fbe002469

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
