Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_a9a56b70ca7e66353ff97d34ff47b5e2

  • Size

    183KB

  • Sample

    250118-pjrm9atqbn

  • MD5

    a9a56b70ca7e66353ff97d34ff47b5e2

  • SHA1

    1dbea21c0a281fe892055081b21d792bdf5b1294

  • SHA256

    2e812a315d54636b1f790c3bd72aed265b43ba0b3796c59b57b24332e6486fdb

  • SHA512

    c21e18b82c9bb5a8c6123d17d551e14097a92ac5d999726283a8ba05845593f9bcdd074d1387d40431be78e4a179bc17370a814721d29864f94b17f2e264ea7b

  • SSDEEP

    3072:UEyaHHM3PGN9wsPJEm9NxH2MA6BMlbLyrNunAAdPWlAhfQ6oaKBxNFlhWC7RnFjY:U2HAPGN9wTM5RNrNunAAdzWvBLFlhWCE

Malware Config

Targets

    • Target

      JaffaCakes118_a9a56b70ca7e66353ff97d34ff47b5e2

    • Size

      183KB

    • MD5

      a9a56b70ca7e66353ff97d34ff47b5e2

    • SHA1

      1dbea21c0a281fe892055081b21d792bdf5b1294

    • SHA256

      2e812a315d54636b1f790c3bd72aed265b43ba0b3796c59b57b24332e6486fdb

    • SHA512

      c21e18b82c9bb5a8c6123d17d551e14097a92ac5d999726283a8ba05845593f9bcdd074d1387d40431be78e4a179bc17370a814721d29864f94b17f2e264ea7b

    • SSDEEP

      3072:UEyaHHM3PGN9wsPJEm9NxH2MA6BMlbLyrNunAAdPWlAhfQ6oaKBxNFlhWC7RnFjY:U2HAPGN9wTM5RNrNunAAdzWvBLFlhWCE

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Modifies WinLogon for persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks