General

  • Target

    JaffaCakes118_1c7d6b70067537db56b95cf10d8e1ff6

  • Size

    264KB

  • Sample

    250222-1qw24a1py9

  • MD5

    1c7d6b70067537db56b95cf10d8e1ff6

  • SHA1

    501112f132f62f95674cbb43d06e574b70181f19

  • SHA256

    fa426a8fd23a485598b95fdc7a54940438736c35bb753bc8ddf41bcd8f606d46

  • SHA512

    d495df8ede336ba482f6f98e163d5bc0a2a8546012e8dd0717179d21e65dc9407130409a83842b63ef2275d5c162f4c982832d0125ac8efab66c4255bfc3c263

  • SSDEEP

    6144:1b0nSQkLMhvRxYQhShXf/93MUsPft5CPTU0b:pDQvvRKNtRsbh

Targets

    • Target

      JaffaCakes118_1c7d6b70067537db56b95cf10d8e1ff6

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.

    • ISR Stealer payload

    • Isrstealer family

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
