General

  • Target

    JaffaCakes118_871240fa1b0c6c01e8dd839ee8149928

  • Size

    554KB

  • Sample

    250203-lma8wsxmcz

  • MD5

    871240fa1b0c6c01e8dd839ee8149928

  • SHA1

    437a215edf6c144544fb1cf338bdaff21ef8e203

  • SHA256

    c983128b96bc09c791c394440784651b6103e6f33cbe1693393c9cc97981a3fa

  • SHA512

    7826f85109455b8cfa967af1e5a514449ab7572143dc9a2134624fa3523c550f945c68055be5a36be715d88b375f199b2d43aa21526612808ade41564674152c

  • SSDEEP

    6144:Fu2+izDADyHTtHpPpvu0vTUAycbCFFpBVLVqzjUiyOsAKI3NvuvgYqKBn:dLADyJHBpvu0Q6b4F3VLZkKIBYgYqsn

Malware Config

Targets

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
