Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

Ziraat Ban...ji.exe

windows7-x64

7

Ziraat Ban...ji.exe

windows10-2004-x64

7

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

Algoesthes...rs.ps1

windows7-x64

8

Algoesthes...rs.ps1

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Ziraat Bankasi Swift Mesaji.exe

  • Size

    597KB

  • Sample

    240212-jvz6waab62

  • MD5

    a274d0c65826b298b45033815bc71b61

  • SHA1

    29eb31fdb53855665cf431228fea0b77f06baaec

  • SHA256

    53ad1aa3ff4f3dcb953f2e7560738f21c8cdadd91a61338e92b50a04943e01d6

  • SHA512

    f9160f4f901cac71a8ff1de984c1c5f66155e5afbc08159bb7187cdaf94b94aeb7d6cee955614e2c52adc59cfad09d9216f34262c7c7576bef441787c278aa85

  • SSDEEP

    12288:JpQq5jqzpAsdU0rnwP6865exdPIpdL3zonZbPX9i1CZhySGA:Jpr57rF652dQpdbkx01WySGA

Score
8/10
persistence

Malware Config

Targets

    • Target

      Ziraat Bankasi Swift Mesaji.exe

    • Size

      597KB

    • MD5

      a274d0c65826b298b45033815bc71b61

    • SHA1

      29eb31fdb53855665cf431228fea0b77f06baaec

    • SHA256

      53ad1aa3ff4f3dcb953f2e7560738f21c8cdadd91a61338e92b50a04943e01d6

    • SHA512

      f9160f4f901cac71a8ff1de984c1c5f66155e5afbc08159bb7187cdaf94b94aeb7d6cee955614e2c52adc59cfad09d9216f34262c7c7576bef441787c278aa85

    • SSDEEP

      12288:JpQq5jqzpAsdU0rnwP6865exdPIpdL3zonZbPX9i1CZhySGA:Jpr57rF652dQpdbkx01WySGA

    Score
    7/10

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      b5a1f9dc73e2944a388a61411bdd8c70

    • SHA1

      dc9b20df3f3810c2e81a0c54dea385704ba8bef7

    • SHA256

      288100583f65a2b7acfc0c7e231c0e268c58d3067675543f627c01e82f6fd884

    • SHA512

      b9c8d71b5da00f2aff7847b9ec3bd8a588afeb525f47a0df235b52f7b2233edb3928a2c8e0b493f287c923cc52a340ad6fee99822595d6591df0e97870de92a8

    • SSDEEP

      96:p7GUxNkO6GR0t9GKKr1Zd8NHYVVHp4dEeY3kRnHdMqqyVgNQ3e:lXhHR0aTQN4gRHdMqJVgNH

    Score
    3/10
    behavioral3behavioral4

    • Target

      Algoesthesiometer/Kvitteringer/Naaletrs.Mor

    • Size

      45KB

    • MD5

      134c07fce8184c599cb40754d2ae6db7

    • SHA1

      af5f44ed3b7ab716af0a5b683218f5ca96b0175c

    • SHA256

      a17d8d7ec7a761817970478b591b1b8e69d41119636067ce4d221e72b9ca058a

    • SHA512

      82c58aa95897217226a15674154b5c0a567962c60bd60ecdb98b486767391b05eaa2d03bcadcf6cf102aaa632f5bb2527af791b9e7049cde112107a3c874c221

    • SSDEEP

      768:L9FgRj8sOglYNISbpapSUGxX+V8k0R6ljVP1W2HXhqIwKjLdHmH1BsB7WHl4C+bK:L9FgRIgMtpapS0WRapM2HFZjFK/l4dK

    Score
    8/10
    persistence

    • Modifies Installed Components in the registry

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks