General

  • Target

    JaffaCakes118_a9c3788bc20fcb8bdfd08fbf5f5d1ac0

  • Size

    157KB

  • Sample

    250118-pmvjbasrfw

  • MD5

    a9c3788bc20fcb8bdfd08fbf5f5d1ac0

  • SHA1

    e03d31663d8025891e2a5796b501e4e5bc8da736

  • SHA256

    4d2446f38afde87f4612280dca26dba96d9bfb053b0e279f37de37b760c376aa

  • SHA512

    6b31d01c2786b000929e3b851b22e36070b5c926f6661aa4fb5939190597d6a74028db1da73cf5e2ba93c0333e199a7c191dad3dedd37695b82d3e5cdbcfedc8

  • SSDEEP

    3072:joWSnw50VEm4RpccVQTW+lSdyjvY00npX22bRRijKYF:jini0VEm4ceQqAw6YvnpjbPY

Malware Config

Targets

    • Target

      JaffaCakes118_a9c3788bc20fcb8bdfd08fbf5f5d1ac0

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks