General
Target: JaffaCakes118_24b153f07bb805848770e79093e57f60
Size: 120KB
Sample: 250226-kdzpfs1qz9
MD5: 24b153f07bb805848770e79093e57f60
SHA1: 4da0a80502242ed5792e1bbeba1924a6f6827f0c
SHA256: df82e266201cdd7e106c40b51989a8ca2a8ee48f1f6ca83ee72d19d774bbe103
SHA512: cb7bd8916d036784c5e67dbd0e7cd818b4528fde9d6523fc104829d6cc38e8ba45cf779cdefaace80f837c3a8b6a2deeb8374571c85cd0db66f8214da46d2a12
SSDEEP: 3072:6La94GN7fiIEAeLHJx0CNPyUaohDDdhZd5VrEnxVYyAeiurVq:6La94GN7fiIEAeLHJx0CN8od531icyp2
Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_24b153f07bb805848770e79093e57f60.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: JaffaCakes118_24b153f07bb805848770e79093e57f60.exe
Resource: win10v2004-20250217-en
Malware Config
Targets
Target: JaffaCakes118_24b153f07bb805848770e79093e57f60
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.

ISR Stealer payload

Isrstealer family

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.

Suspicious use of SetThreadContext