Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

fdb196fa39...18.exe

windows7-x64

7

fdb196fa39...18.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$PLUGINSDI...se.rtf

windows7-x64

4

$PLUGINSDI...se.rtf

windows10-2004-x64

1

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ON.dll

windows7-x64

7

$PLUGINSDI...ON.dll

windows10-2004-x64

7

$PLUGINSDI...it.dll

windows7-x64

7

$PLUGINSDI...it.dll

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fdb196fa39c5df406a77c82f4036f6bd_JaffaCakes118

  • Size

    295KB

  • Sample

    240420-1d2f2sae55

  • MD5

    fdb196fa39c5df406a77c82f4036f6bd

  • SHA1

    9c310d0aab3659006fa4c8f066581fc2ffd7a32d

  • SHA256

    118758238637f66385c493b98cdd53daf77a7e7bf9f7ec1023c3cb46c39d2580

  • SHA512

    11f3926cd32f9feb80f1de55fd1ebba7d354ca3b6312e07903c812992c51f22aa7fe2b3d400d20296df3c6becd753119daa48f67f09be341b8ae80bf2bdfc35f

  • SSDEEP

    3072:VxFM5spM4P/NEkxhJR7aOAYXTQempzGWchGKR6bFllBwV6AuJJzUgLyBQ4JVVoDN:UAJmYt7rAYX0LzxLDi4yBFJo2i

Score
7/10
upx

Malware Config

Targets

    • Target

      fdb196fa39c5df406a77c82f4036f6bd_JaffaCakes118

    • Size

      295KB

    • MD5

      fdb196fa39c5df406a77c82f4036f6bd

    • SHA1

      9c310d0aab3659006fa4c8f066581fc2ffd7a32d

    • SHA256

      118758238637f66385c493b98cdd53daf77a7e7bf9f7ec1023c3cb46c39d2580

    • SHA512

      11f3926cd32f9feb80f1de55fd1ebba7d354ca3b6312e07903c812992c51f22aa7fe2b3d400d20296df3c6becd753119daa48f67f09be341b8ae80bf2bdfc35f

    • SSDEEP

      3072:VxFM5spM4P/NEkxhJR7aOAYXTQempzGWchGKR6bFllBwV6AuJJzUgLyBQ4JVVoDN:UAJmYt7rAYX0LzxLDi4yBFJo2i

    Score
    7/10
    upx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      21KB

    • MD5

      62cd3e9089314d24f0817c231dfa859f

    • SHA1

      907fc4cef9bf22b3814dcf1cd06fc2b3c3ec842e

    • SHA256

      93530c4c3cfa4a6c87671050a52eb673228a597e9052622e57bec02fec5328ce

    • SHA512

      ccbe4f18013fd1055ca575d15faec1773268404b5dd1af40de865b39bf18457ca8d9078d3d3932fffdcebb5e76a807adce39b1091bda897ca53d60c6798fd041

    • SSDEEP

      384:1DBI+2XKPdeyYTpLhDaSR61M01rP41WKSthVGBJwSAkBMyO:1K+2XsdeyMRhOSRAn1wWXKM

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/System.dll

    • Size

      24KB

    • MD5

      e7143c9655d4d4a9efaa578748c6bc45

    • SHA1

      f8ac5c6ecf4847e1bbeafe021881a46e20f09e7c

    • SHA256

      5c25a47da05d6ec943baec00977aae4825fe06db370b765afc1a5d39670ccbe2

    • SHA512

      deadec14af2048188ae6c56cacec0fad9e9c86bbd352e664a999f2df8d0cef23575e6cc85bdfdc5105d69f5b0bdcca95a7b9f052f31676295ab6e3cae01cf8de

    • SSDEEP

      384:EjuFHgNpQsSBO9+N5qoNvRjEJMmG+cGSjOBhpVPY8cCBfbwdxc4:ZOkooN6JMmGU6OBhbajxp

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/UAC.dll

    • Size

      13KB

    • MD5

      431e5b960aa15af5d153bae6ba6b7e87

    • SHA1

      e090c90be02e0bafe5f3d884c0525d8f87b3db40

    • SHA256

      a6d956f28c32e8aa2ab2df13ef52637e23113fab41225031e7a3d47390a6cf13

    • SHA512

      f1526c7e4d0fce8ab378e43e89aafb1d7e9d57ef5324501e804091e99331dd2544912181d6d4a07d30416fe17c892867c593aee623834935e11c7bb385c6a0a8

    • SSDEEP

      192:vIARvmFvcukSWn8EAKVZ8148Dj33RZgqWVWYuOUEjRuFzEun0J:v2mukSe8EA88pRZAVWYuO3cFznny

    Score
    3/10
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/inetc.dll

    • Size

      25KB

    • MD5

      29e2dcdfb57ee3ab5e2bbc2fc3c42f02

    • SHA1

      bd6cafcce5b70ee15311f9f53e9fd4aac819ccda

    • SHA256

      2b7a69e98ed4975fd4eade513cff17099c43b3eebe7e7641696d1d20e8e14b2f

    • SHA512

      f71c981b3b5308566b56156462d106ebf8e49a32e55b70891f9d70338941afd347cb4df374fe38b9b3d7309f63dd75a7c80ebe02bb8941d558cd638a6f8daf7a

    • SSDEEP

      384:ViY1+aFplLBSgN9afuzwZAEecpuB3NVeMUPOSya4fa0Ac9khYLMkIX0+GGxky8oO:ViY1+a3e1mwJKVSPO5a4fsO

    Score
    3/10
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/license.rtf

    • Size

      1KB

    • MD5

      335e86da2f14164b7967bb13bd55ede6

    • SHA1

      754059d45800e5b1e9f6bc67ffb6a7f00c197144

    • SHA256

      58606a097a62f50c0b52d9003c591e7b943afd45f821c590c6f548ecb4294d95

    • SHA512

      13bcd69c7356fa994cf526cf63e6f7a3d057857c6c3a95f453946fb0a8db2d5d58e84be336183b8dbaa1ade13f900fcdfdac7f0f7d7e000013e8fadafa7af0ff

    Score
    4/10
    behavioral11behavioral12

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      11KB

    • MD5

      66cfc94903c8cfa492fdab42bde2026d

    • SHA1

      d07194419d914eae5dc54a480ebddb0a8cb32f25

    • SHA256

      82e21860521feea4d15ff7f30538b9d0ed1860747c98549ec85217178a6db632

    • SHA512

      ecbc2c9361bef9332fe8e1675d11884c344b26f437eee9db3ec0b5999bf20e16b1d863c192e2091375a870cf8f4674deec16875ba56757b88cc859288305eeb7

    • SSDEEP

      192:mMmfEKSweFA9/H5aE3KRmQv295JrbQMH2klPdIobEEdTFdHg:OfEBwe+VH5avmQv29XrUMHVlPFEEdjHg

    Score
    3/10
    behavioral13behavioral14

    • Target

      $PLUGINSDIR/nsJSON.dll

    • Size

      7KB

    • MD5

      b9cd1b0fd3af89892348e5cc3108dce7

    • SHA1

      f7bc59bf631303facfc970c0da67a73568e1dca6

    • SHA256

      49b173504eb9cd07e42a3c4deb84c2cd3f3b49c7fb0858aee43ddfc64660e384

    • SHA512

      fdcbdd21b831a92ca686aab5b240f073a89a08588e42439564747cad9160d79cfa8e3c103b6b4f2917684c1a591880203b4303418b85bc040f9f00b6658b0c90

    • SSDEEP

      96:Zw8NZ0x0OOdzJt0TwYKj7W/NYDNd9fQ6blfW+KrWC69r7ncnrD6Qdm:6e/7vAmrHblfW3iCmDcru

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral15behavioral16

    • Target

      $PLUGINSDIR/nsRichEdit.dll

    • Size

      5KB

    • MD5

      02f1858b3131ffc3fc5e3a5391d3a489

    • SHA1

      454a6d749cf55ff990bd9f57941aca9d1f1674f6

    • SHA256

      f00bd6d3e7c7b8e8ad18b7dc6275fb80cc720fb164200a6506f50f6e66998b12

    • SHA512

      8147fa8014a5065f4fed7de1fbb9c2ee2c1b94d63596f7bbcf6821ecd41a73d25ebdfa1e71ca74d7598cba063042b6dfcaf050a23d0c855a7b6fbc94147ab41b

    • SSDEEP

      96:Z3CA+/dN6g2Aznq+1kaNar7ta6mKAJN0u4KOhB7lkZ3hBjB8wZ:Z3G/D26EaNar7QKzLdZkZX

    Score
    7/10
    upx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral17behavioral18

MITRE ATT&CK Enterprise v15

Tasks