Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_81af0fe78842a1f601cddfb6dda09dfc

  • Size

    165KB

  • Sample

    250116-zngc7aylbz

  • MD5

    81af0fe78842a1f601cddfb6dda09dfc

  • SHA1

    f674df8566d9f5722c553d95cc05183603830cc7

  • SHA256

    1553881425fa895cb6dfa1de4410fbdd3363f117c64cefec69764651caa71d99

  • SHA512

    92992b9c055ae990dad4e96babd98f09895ea660b873f6d6a8a0b8966ec8954e0c57c59b0aa5dce306f3b8eeedb49bc8c638b139ec775c9e57e151a9e199f20e

  • SSDEEP

    3072:snouwXfQPvUubHKBT3D8kH4/xA02cRHwneYifp5rMARkygyNbVGPzYtKrU:EouwXfQPvUuSDH4Jp2OaIRCJtHU

Malware Config

Targets

    • Target

      JaffaCakes118_81af0fe78842a1f601cddfb6dda09dfc

    • Size

      165KB

    • MD5

      81af0fe78842a1f601cddfb6dda09dfc

    • SHA1

      f674df8566d9f5722c553d95cc05183603830cc7

    • SHA256

      1553881425fa895cb6dfa1de4410fbdd3363f117c64cefec69764651caa71d99

    • SHA512

      92992b9c055ae990dad4e96babd98f09895ea660b873f6d6a8a0b8966ec8954e0c57c59b0aa5dce306f3b8eeedb49bc8c638b139ec775c9e57e151a9e199f20e

    • SSDEEP

      3072:snouwXfQPvUubHKBT3D8kH4/xA02cRHwneYifp5rMARkygyNbVGPzYtKrU:EouwXfQPvUuSDH4Jp2OaIRCJtHU

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Modifies WinLogon for persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks