General

  • Target

    f7d5fe021610b26e2d3a9cdd877d3d78_JaffaCakes118

  • Size

    2.6MB

  • Sample

    240418-mvz3nacb3x

  • MD5

    f7d5fe021610b26e2d3a9cdd877d3d78

  • SHA1

    59ac39a0bb3d4e5386c9b3292acc2382aa9d0574

  • SHA256

    773dcb1e82bd6b653c8e3072ce8b182346c57440e58c412d08ff98b80cd4067f

  • SHA512

    0f78630178f58529122cc657ca409c726916b029da6106dc97638d152121fcad4832b2189c112e1d7c8d02a98adc38b1a7530d1106793ec45774109173d3ee01

  • SSDEEP

    49152:D9PPGaKWCLac78P/XOUDOs4y9eAImg0cP0C9V/2:5GaJCuW8HOpsRsAC0Cz/2

Score
7/10

Targets

    • Target

      f7d5fe021610b26e2d3a9cdd877d3d78_JaffaCakes118

    • Size

      2.6MB

    • MD5

      f7d5fe021610b26e2d3a9cdd877d3d78

    • SHA1

      59ac39a0bb3d4e5386c9b3292acc2382aa9d0574

    • SHA256

      773dcb1e82bd6b653c8e3072ce8b182346c57440e58c412d08ff98b80cd4067f

    • SHA512

      0f78630178f58529122cc657ca409c726916b029da6106dc97638d152121fcad4832b2189c112e1d7c8d02a98adc38b1a7530d1106793ec45774109173d3ee01

    • SSDEEP

      49152:D9PPGaKWCLac78P/XOUDOs4y9eAImg0cP0C9V/2:5GaJCuW8HOpsRsAC0Cz/2

    • Score

      3/10

    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      254f13dfd61c5b7d2119eb2550491e1d

    • SHA1

      5083f6804ee3475f3698ab9e68611b0128e22fd6

    • SHA256

      fd0e8be2135f3d326b65520383a3468c3983fa32c9c93594d986b16709d80f28

    • SHA512

      fcef8ac5bd0ee6e316dbbc128a223ba18c8bf85a8d253e0c0877af6a4f686a20b08d34e5a426e2be5045962b391b8073769253a4d9b18616febc8133ccf654f7

    • SSDEEP

      192:t5ZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRYgsfA:fBo/680dCI5adOjFOg9//p27uNw2bo

    • Score

      3/10

    • Target

      $PLUGINSDIR/ReadCustomerData.dll

    • Size

      64KB

    • MD5

      703598aa5ff97f512112cd766543a2f1

    • SHA1

      0bfb74b03227ee8510e153785edd76625404ab55

    • SHA256

      5f76752e83789bb8184070d618d83f43c2f565cc7fad2c4266e44339223ba69b

    • SHA512

      3eff4670a3c97ec931eb1240d22a943ad6b19ea07ce781dabcc656ae2049d36c42b8f5bf3ce59366057ea3ece8913e83da3ec98c2c1434edf144dd9d4731fe58

    • SSDEEP

      768:TWaFM5hBUVVsDPytWyIBvsdfk3Nhs8o6S5uymhRv1OInQ/bTLZmTtxHWQ:CvnuV+TcWGIPOChRwIQ/XLQtxH

    • Score

      3/10

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      00a0194c20ee912257df53bfe258ee4a

    • SHA1

      d7b4e319bc5119024690dc8230b9cc919b1b86b2

    • SHA256

      dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3

    • SHA512

      3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    • Score

      3/10

    • Target

      $PLUGINSDIR/TvGetVersion.dll

    • Size

      50KB

    • MD5

      7d4cdffd78fa41a10e00cdfb899990d3

    • SHA1

      51c445cc7933a92efe285b11d5a8a80dc69d1be1

    • SHA256

      b5e3a463393887c08219366ac3efd60e8b4991df874586702950de2baa83104d

    • SHA512

      8044c3a25957f68d7b7fd9d925c26f6726af9b29ad54eaf4b1eb1a3027f6f07670c678ef3dd2958130634cc49406b2d2378e20a35a43b8821fcd4355551122f7

    • SSDEEP

      768:0VkG68qeXUmypSIRcu7Tx7Ss1xS+KCDpR/vO4nnZr11t5JgX:0Vm4Um4W4dLKopR/PnZft5

    • Score

      3/10

    • Target

      $PLUGINSDIR/nsis7z.dll

    • Size

      176KB

    • MD5

      06ff2b95b8e123d32487b0cb73409031

    • SHA1

      8cb3f584112db4e74cea4ed02d4ce0b3a5373bfa

    • SHA256

      0dedad042a306da32784c3ce79bfac0475b827e416c17e1a1dfdb461151f4271

    • SHA512

      174e7599ba87bc45111ce340d7563771353df71988d6b9094d8bdeab4b45ec730cbd2e6bf3943ad66daa02d7f1f1eac0020b987109fabed96b2e0def8d0602c6

    • SSDEEP

      3072:rfSCQ4FYoKhEHvf4aytolZ8MMNjXtWXTkibb7zHetRYFJ8:HFYosEH3UtoX8fUtXPOm

    • Score

      3/10

    • Target

      TeamViewer.exe

    • Size

      6.7MB

    • MD5

      af9674ebad5c3234eb84e70ef63264fa

    • SHA1

      c88e75a808b8f3d3ee10d6b3cd7720aec5314999

    • SHA256

      e6e9548ff7f0d45d6f0c02f367486d840270b52c4aafe2b963b0553d33b9bafe

    • SHA512

      b022560565a560cf8da955dcbc8ac9c0e598b9f1ca03f2f5885258c9e5ce21f63bc658c691e8ce753d0d2dc3f7cf970ebb8c2938a486b00e4502c8c2d6082df8

    • SSDEEP

      98304:RK1vrxE+c9ePZgjheTCLwWAgcSukgEeDEi4iEUu361a54V1+Hl/p8zj5xtMid:uhvZ5ZxD4Uu30aODzj5xtMa

    • Score

      7/10

    • Checks computer location settings

      Looks up the country code configured in the registry, a common geofencing check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials. The signature fires on reads of browser profile data regardless of intent, so treat it as a lead to confirm against the file access trace, not as proof of credential theft.

    • Target

      TeamViewer_Desktop.exe

    • Size

      2.1MB

    • MD5

      0abedc25d8c9ed7a61ab7040cc691385

    • SHA1

      00f3a75bb5ccf0aa0b7f3c50753b7221863d2489

    • SHA256

      34e69413106257786a1d02d9016d39028ffae309316607f5f716639bb589ed8f

    • SHA512

      5807b936733aba867f69de74af73a9a66c96b22bc7bc69b0aadce1aaf75cd45a26980bdd36d912c31e283f34cb5259ff8282f6c8887e63d59b382c07ae0392f2

    • SSDEEP

      49152:dgoK7vi+iwCT5xbIm18YdjcOpJs1ats9Ha+Gf:S7Dczn1Fdj7JsMiu

    • Score

      3/10

    • Target

      TeamViewer_Resource_de.dll

    • Size

      1.2MB

    • MD5

      90de73de3a2ea9440da3c16412479220

    • SHA1

      d79f9fe7cecac2a4996eb4dd1a1f768ddad44ec3

    • SHA256

      cd20c290f6cf6dfae987f5f07386c73efb56eb4805696818c292c868b294deb0

    • SHA512

      c17ff8d3f6bc0670dbd4cbc947e13a4e0b945b46f5ce3a8c620b09f4b9a85fa71b4fa40eb425bb2d3a74435d97cc5b699561c500d4e384018ff1df384f26db95

    • SSDEEP

      12288:Q2hmfaa/lRMxerSaye0dHVGFlSyhUcTm8i1aWjDtTfu:QumfnJrSayGF6Vi

    • Score

      1/10

    • Target

      TeamViewer_Service.exe

    • Size

      2.3MB

    • MD5

      29ec98bc26852b920243667aaf18fbf6

    • SHA1

      e116a85404d9a89aac8406f16d004ab10afe4f2d

    • SHA256

      407683aaf7450a133ece802a8f80a92d6f36beb21055cf75b867f068eb459e8c

    • SHA512

      256bba4b27cf46d2dafb36134ac1abb768515618da68804e8a6ef090619cc913da95c6b6fcc108c2b40b296036bf62a4bae15f52f78f6aeeb748c4c21ace4f5e

    • SSDEEP

      49152:q+lFwkW1imFT/4+ykiHIKbIUu3QjWPc1ZU0/yPiIS0CwM:/HW1i074dkiHIPUu3QjP5/7bh

    • Score

      1/10

    • Target

      tv_w32.dll

    • Size

      48KB

    • MD5

      feb7527d884057e53845297722ef1dfa

    • SHA1

      b44e6049798aa4a0e7081072b23faeba1fc044ca

    • SHA256

      0e6c56ee94617219bf89febf2aaab53ba99def0931b3146875079642bbc67f0e

    • SHA512

      424b53605fc92761b73e92fe375d70f8d8d9e240ffeead9f700d0e83019eab67d73aaa0c88f1f606e8ccf4ca02d4279bd5cd53c1268aaf569c5ae4379b63a275

    • SSDEEP

      768:lhnbNOCWYFawkf5soDYunk220HOtUM3CgV6QiFp7Tsk5AeLM:fBSsunocCUDgV6jfsk5AeI

    • Score

      1/10

    • Target

      tv_w32.exe

    • Size

      105KB

    • MD5

      625393ef6d05592dcc229e681cf3109c

    • SHA1

      9a116b7295adea0f257802d781e6e9628e66cd3e

    • SHA256

      a9c497e2db6c339c08dea0c09a1bcc4269b6da0aad237b372d1a4916bf4065a9

    • SHA512

      5f043b90ffc1b0ffe6f7e76e0ab0c629e2e00e6499c64a5aa660550b55a4bda530c7a64c7cdbb96bc2d7dc7e0697f7bec3d18f8c4a4e4ad17e6a786a4a024925

    • SSDEEP

      1536:V7zajn/aH9011y9Hrjba1JOIzJGY78iyrMycIDUxr4fDnChLLCJY1+4Z4htelJP:V7zQqpwxhKhtelh

    • Score

      1/10

    • Target

      tv_x64.dll

    • Size

      51KB

    • MD5

      e21f6ac9d96538ebc078bac67db51401

    • SHA1

      01a8a23c63290872fa24772fcbbeed288831df2d

    • SHA256

      ea27c2297ad340a8cd6950ba7394d00184458cfd95b23a68234990d9a965c23a

    • SHA512

      619e83cd7069e8ee49c845f12d12ad5c41b0b5f3f3d989f5d0bde0bd91946a6ad9aecbd412dd020e69af23d0646e384f3328687d4ba19a719ca6446a4eada20b

    • SSDEEP

      768:ddbXkYJwW1DSveW1oI8iGkDDTn/AzimuQ9tybxJYQIlV3lLg:ddbnJj1OvDv/0zJtybfIXlc

    • Score

      1/10

    • Target

      tv_x64.exe

    • Size

      140KB

    • MD5

      ab50674a87e2b07fb3cf56a054a4b763

    • SHA1

      6400bb876b77ca5c03a00e27af4306474154c28c

    • SHA256

      d4075a3a2ac3eb5b23eb6c759db127a1e06e02aeec6105df13cf027e1073d879

    • SHA512

      eb57a3f14c43dafd2e2a94c5e0d7fa02e5070de775f8f3f713ff4c69d6f89f2cd7276d260fc2fecb598f51256f5b6b09c995b594cf9d7b399fe14174b6653939

    • SSDEEP

      3072:k5IdtXcNDSKAm5cwCFG1Js0fNB6yQxjkQGTUVryhC+LW+rPW2:kxDSPPHFG1JswQx41U3+rD

    • Score

      1/10

    • Target

      x64/TVMonitor.sys

    • Size

      15KB

    • MD5

      95314c3a08589471983c2c8173f23cda

    • SHA1

      a84b8b7c7c08f4642655e2f1df9161b8d3b0b665

    • SHA256

      05d30728d7204aba2437259ecf929a94e6573f7621baf35d76eba26f5489a6cf

    • SHA512

      200c9af5a7ac032bcbde1830001f2c7cf4e9dd02b964a6bbdf7fe5e4bd29cd152a4fbea3bac53defa9f321e0417af3d170900ab3de390fcfc1d411237d238c06

    • SSDEEP

      384:PxWDUVvF0r2UHKZCmYFJulYJLWOtbeFV6jlV:k0vFGXH7XuAL/beFVmP

    • Score

      1/10

    • Target

      x86/TVMonitor.sys

    • Size

      12KB

    • MD5

      111a023266532c621ee69ae96e47081e

    • SHA1

      4f1dde3508a85fa4beda1d8110e98db248be1af1

    • SHA256

      d933340af838d94f25c74f9d46a74de3b45f29b896afa49a03676bab8cd400cf

    • SHA512

      bf6252a52ad61bafb8b86589b4436069d4bc277b91a89e90c4b237e3e49a7388bc8e1d5d29a1790f4505de2a52eb26e0bef112e946f7505f0641b3ebd5643354

    • SSDEEP

      192:7hkFKqiEedsBgI/yowJL/aMjGwP7QM3PXD+ebMdHFVZgjlJMVc83:Vkcqod5CYJLWOtbeFV6jK

    • Score

      1/10

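To pull the hashes and signatures listed above into something scriptable, the following added example (not tria.ge's code) parses the report's bullet layout into records and checks a local file against the listed hashes. The excerpt embedded in it is copied from the Targets listing above; the only format assumption is what this page shows (a '• Key' line, its value on the next non-blank line, and a bare 'Score' line followed by 'n/10'), and a bullet whose key is not a file field is read as a signature name with its description.

```python
"""Parse the bullet-style Targets listing of a tria.ge report into records and
match local files against the hashes it lists. Added example, not tria.ge's
code; the only format assumption is what the report above shows: a '• Key'
line, its value on the next non-blank line, and a bare 'Score' line followed
by 'n/10'. A bullet whose key is not a file field is read as a signature."""
import hashlib
import re
from dataclasses import dataclass, field

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

# Constructed excerpt: two entries copied from the Targets listing above
# (the dropper and TeamViewer.exe), trimmed to a few fields each.
REPORT_EXCERPT = """\
    • Target

      f7d5fe021610b26e2d3a9cdd877d3d78_JaffaCakes118

    • MD5

      f7d5fe021610b26e2d3a9cdd877d3d78

    • SHA256

      773dcb1e82bd6b653c8e3072ce8b182346c57440e58c412d08ff98b80cd4067f

    Score
    3/10
    • Target

      TeamViewer.exe

    • SHA256

      e6e9548ff7f0d45d6f0c02f367486d840270b52c4aafe2b963b0553d33b9bafe

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
"""

@dataclass
class Artifact:
    target: str
    hashes: dict = field(default_factory=dict)      # MD5/SHA1/SHA256/SHA512
    other: dict = field(default_factory=dict)       # Size, SSDEEP
    score: str = ""
    signatures: list = field(default_factory=list)  # (name, description)

def _next_value(lines, i):
    """Return (text, index) of the first non-blank line after lines[i]."""
    j = i + 1
    while j < len(lines) and not lines[j].strip():
        j += 1
    return (lines[j].strip() if j < len(lines) else ""), j

def parse_targets(text):
    artifacts, cur, lines, i = [], None, text.splitlines(), 0
    while i < len(lines):
        line = lines[i].strip()
        if line.startswith("• ") or line == "Score":
            key = "Score" if line == "Score" else line[2:].strip()
            value, i = _next_value(lines, i)
            if key == "Target":
                cur = Artifact(target=value)
                artifacts.append(cur)
            elif cur is None:
                raise ValueError(f"{key!r} before any Target")
            elif key in HASH_LEN:
                # Reject anything that is not exactly the right number of hex digits.
                if not re.fullmatch(rf"[0-9a-f]{{{HASH_LEN[key]}}}", value):
                    raise ValueError(f"{cur.target}: malformed {key} {value!r}")
                cur.hashes[key] = value
            elif key in ("Size", "SSDEEP"):
                cur.other[key] = value
            elif key == "Score":
                cur.score = value
            else:
                cur.signatures.append((key, value))
        i += 1
    return artifacts

def hash_bytes(data):
    return {alg: hashlib.new(alg.lower(), data).hexdigest() for alg in HASH_LEN}

def match_artifact(data, artifacts):
    """'full' when every hash the report lists for an entry agrees with the
    blob, 'partial' when only some do (mistyped entry or a different file:
    worth a look, not a silent match), 'none' otherwise."""
    observed = hash_bytes(data)
    for art in artifacts:
        agree = [alg for alg, h in art.hashes.items() if h == observed[alg]]
        if art.hashes and len(agree) == len(art.hashes):
            return art, "full"
        if agree:
            return art, "partial"
    return None, "none"
```

Feed `parse_targets` the full Targets text of a report and `match_artifact` the bytes of a file recovered from a host to learn which dropped component it is; a 'partial' result means the report's own hashes for that entry disagree with each other, which is worth noticing before the IOCs are pushed anywhere.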
Tasks

Task          Tags            Score
static1                       3/10
behavioral1                   3/10
behavioral2                   3/10
behavioral3                   3/10
behavioral4                   3/10
behavioral5                   3/10
behavioral6                   3/10
behavioral7                   3/10
behavioral8                   3/10
behavioral9                   3/10
behavioral10                  3/10
behavioral11                  3/10
behavioral12                  3/10
behavioral13  spywarestealer  7/10
behavioral14  spywarestealer  7/10
behavioral15                  3/10
behavioral16                  3/10
behavioral17                  1/10
behavioral18                  1/10
behavioral19                  1/10
behavioral20                  1/10
behavioral21                  1/10
behavioral22                  1/10
behavioral23                  1/10
behavioral24                  1/10
behavioral25                  1/10
behavioral26                  1/10
behavioral27                  1/10
behavioral28                  1/10
behavioral29                  1/10
behavioral30                  1/10
behavioral31                  1/10
behavioral32                  1/10
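The two signatures raised on TeamViewer.exe above, and the spywarestealer tag on the two 7/10 tasks, are behavioural heuristics. The following is an added example, not tria.ge's signature engine, that reproduces them over a constructed sandbox event log. The registry keys, browser profile directories and secret-store filenames it matches are this example's assumptions about what such rules look for; the report names the signatures but does not show their rules or the events that fired them.

```python
"""Reproduce the two behavioural signatures from a constructed sandbox event log.

Added example, not tria.ge's signature code. The registry keys, browser profile
directories and secret-store filenames below are assumptions about what such
signatures match; the report only names the signatures, not their rules."""
import ntpath
import re
from collections import defaultdict

SIG_LOCATION = "Checks computer location settings"
SIG_BROWSER = "Reads user/profile data of web browsers"

# Assumption: where Windows keeps the configured country/locale (lower-cased).
LOCATION_KEYS = {
    r"hkcu\control panel\international",
    r"hkcu\control panel\international\geo",
    r"hklm\system\currentcontrolset\control\nls\locale",
}
LOCATION_VALUES = {"scountry", "icountry", "localename", "nation", "(default)"}

# Assumption: browser profile roots, and the files inside them that hold secrets.
PROFILE_DIR = re.compile(
    r"\\(?:Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)\\User Data\\"
    r"|\\Mozilla\\Firefox\\Profiles\\",
    re.IGNORECASE,
)
SECRET_STORES = {"login data", "cookies", "web data", "logins.json", "key4.db", "cookies.sqlite"}

# Constructed event log in the shape a sandbox would emit; not the report's data.
EVENTS = [
    {"image": "TeamViewer.exe", "op": "RegQueryValue",
     "path": r"HKCU\Control Panel\International", "value": "sCountry"},
    {"image": "TeamViewer.exe", "op": "RegQueryValue",
     "path": r"HKCU\Control Panel\International\Geo", "value": "Nation"},
    {"image": "TeamViewer.exe", "op": "CreateFile",
     "path": r"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences"},
    {"image": "TeamViewer.exe", "op": "CreateFile",
     "path": r"C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\abcd1234.default\prefs.js"},
    {"image": "tv_x64.exe", "op": "CreateFile",
     "path": r"C:\Program Files\TeamViewer\tv_x64.dll"},
    {"image": "TeamViewer_Service.exe", "op": "RegQueryValue",
     "path": r"HKLM\SOFTWARE\Example\Settings", "value": "Version"},
]

def evaluate(events):
    """Map each process image to the signatures its events trip, with evidence."""
    per_image = defaultdict(lambda: {"signatures": set(), "evidence": [], "secret_store_read": False})
    for ev in events:
        rec = per_image[ev["image"]]
        path = ev["path"]
        if ev["op"] == "RegQueryValue":
            if path.lower() in LOCATION_KEYS and ev.get("value", "").lower() in LOCATION_VALUES:
                rec["signatures"].add(SIG_LOCATION)
                rec["evidence"].append(path + "\\" + ev["value"])
        elif ev["op"] in ("CreateFile", "ReadFile") and PROFILE_DIR.search(path):
            rec["signatures"].add(SIG_BROWSER)
            rec["evidence"].append(path)
            # A read of the credential/cookie store itself is the stealer pattern;
            # reading Preferences or prefs.js is what plenty of benign software does.
            if ntpath.basename(path).lower() in SECRET_STORES:
                rec["secret_store_read"] = True
    results = {}
    for image, rec in per_image.items():
        if rec["signatures"]:
            rec["signatures"] = sorted(rec["signatures"])
            # The report tags tasks showing this behaviour "spywarestealer".
            rec["tag"] = "spywarestealer" if SIG_BROWSER in rec["signatures"] else None
            results[image] = rec
    return results

if __name__ == "__main__":
    for image, rec in evaluate(EVENTS).items():
        print(image, rec["tag"], rec["signatures"], "secret store:", rec["secret_store_read"])
```

Run as written it reports TeamViewer.exe with both signatures and the spywarestealer tag but `secret_store_read` False, which is the distinction a triage analyst wants: the browser signature fires on any read inside a profile directory, and only a read of `Login Data`, `Cookies` or the Firefox equivalents looks like actual credential theft. Whether this sample's reads were of that kind is not stated on this page and has to be checked in the task's file access trace.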