Overview
overview
Score 7/10
Static
static
Score 7/10
077750e84f...18.exe
windows7-x64
Score 7/10
077750e84f...18.exe
windows10-2004-x64
Score 7/10
Italian!it.vbs
windows7-x64
Score 1/10
Italian!it.vbs
windows10-2004-x64
Score 1/10
Welsh!cy.vbs
windows7-x64
Score 1/10
Welsh!cy.vbs
windows10-2004-x64
Score 1/10
$DESKTOP/�...nt.exe
windows7-x64
Score 7/10
$DESKTOP/�...nt.exe
windows10-2004-x64
Score 7/10
Italian!it.vbs
windows7-x64
Score 1/10
Italian!it.vbs
windows10-2004-x64
Score 1/10
Welsh!cy.vbs
windows7-x64
Score 1/10
Welsh!cy.vbs
windows10-2004-x64
Score 1/10
$DESKTOP/�...le.exe
windows7-x64
Score 3/10
$DESKTOP/�...le.exe
windows10-2004-x64
Score 3/10
$PLUGINSDI...LL.dll
windows7-x64
Score 3/10
$PLUGINSDI...LL.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...ce.dll
windows7-x64
Score 3/10
$PLUGINSDI...ce.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...ry.dll
windows7-x64
Score 3/10
$PLUGINSDI...ry.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...sh.dll
windows7-x64
Score 1/10
$PLUGINSDI...sh.dll
windows10-2004-x64
Score 1/10
$PLUGINSDI...ll.dll
windows7-x64
Score 3/10
$PLUGINSDI...ll.dll
windows10-2004-x64
Score 3/10
$PLUGINSDIR/Aero.dll
windows7-x64
Score 7/10
$PLUGINSDIR/Aero.dll
windows10-2004-x64
Score 7/10
$PLUGINSDI...RL.dll
windows7-x64
Score 3/10
$PLUGINSDI...RL.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...rb.dll
windows7-x64
Score 3/10
$PLUGINSDI...rb.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...LL.dll
windows7-x64
Score 3/10
$PLUGINSDI...LL.dll
windows10-2004-x64
Score 3/10
General
-
Target
077750e84f5bf5267d582995482adecc_JaffaCakes118
-
Size
3.7MB
-
Sample
240429-mqgqhsgh9t
-
MD5
077750e84f5bf5267d582995482adecc
-
SHA1
09a4734534c18956eefb003222688b16a082aa89
-
SHA256
94c70fd5da5feb18eb47c379083c68edb32ef7c35d97ee80bad5da8c00688600
-
SHA512
ffb27b9ff32ee5e52e27e0e722af5de369d9f8a3073ee907a7a6cb4da2be7d183267cb7dfc0f9168a1917d491594cafa98f1af2e8a74dd2d55594f93149c7048
-
SSDEEP
98304:y2v74FzFVieLkrim7AVBURgWKQW+O418Qq7snNVnmfPI:FvEk6krisKWKt+Na4VmHI
Behavioral task
behavioral1
Sample
077750e84f5bf5267d582995482adecc_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
077750e84f5bf5267d582995482adecc_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral3
Sample
Italian!it.vbs
Resource
win7-20240220-en
Behavioral task
behavioral4
Sample
Italian!it.vbs
Resource
win10v2004-20240419-en
Behavioral task
behavioral5
Sample
Welsh!cy.vbs
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
Welsh!cy.vbs
Resource
win10v2004-20240419-en
Behavioral task
behavioral7
Sample
$DESKTOP/Torrent Portable/App/uTorrent/uTorrent.exe
Resource
win7-20240220-en
Behavioral task
behavioral8
Sample
$DESKTOP/Torrent Portable/App/uTorrent/uTorrent.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral9
Sample
Italian!it.vbs
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
Italian!it.vbs
Resource
win10v2004-20240419-en
Behavioral task
behavioral11
Sample
Welsh!cy.vbs
Resource
win7-20240215-en
Behavioral task
behavioral12
Sample
Welsh!cy.vbs
Resource
win10v2004-20240426-en
Behavioral task
behavioral13
Sample
$DESKTOP/Torrent Portable/uTorrentPortable.exe
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
$DESKTOP/Torrent Portable/uTorrentPortable.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/FindProcDLL.dll
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/FindProcDLL.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/NewTextreplace.dll
Resource
win7-20240419-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/NewTextreplace.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral19
Sample
$PLUGINSDIR/Registry.dll
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
$PLUGINSDIR/Registry.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral21
Sample
$PLUGINSDIR/newadvsplash.dll
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
$PLUGINSDIR/newadvsplash.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral23
Sample
$PLUGINSDIR/nsisFirewall.dll
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
$PLUGINSDIR/nsisFirewall.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral25
Sample
$PLUGINSDIR/Aero.dll
Resource
win7-20240215-en
Behavioral task
behavioral26
Sample
$PLUGINSDIR/Aero.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral27
Sample
$PLUGINSDIR/BrandingURL.dll
Resource
win7-20240419-en
Behavioral task
behavioral28
Sample
$PLUGINSDIR/BrandingURL.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral29
Sample
$PLUGINSDIR/InvokeShellVerb.dll
Resource
win7-20231129-en
Behavioral task
behavioral30
Sample
$PLUGINSDIR/InvokeShellVerb.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral31
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win7-20240221-en
Behavioral task
behavioral32
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
077750e84f5bf5267d582995482adecc_JaffaCakes118
-
Size
3.7MB
-
MD5
077750e84f5bf5267d582995482adecc
-
SHA1
09a4734534c18956eefb003222688b16a082aa89
-
SHA256
94c70fd5da5feb18eb47c379083c68edb32ef7c35d97ee80bad5da8c00688600
-
SHA512
ffb27b9ff32ee5e52e27e0e722af5de369d9f8a3073ee907a7a6cb4da2be7d183267cb7dfc0f9168a1917d491594cafa98f1af2e8a74dd2d55594f93149c7048
-
SSDEEP
98304:y2v74FzFVieLkrim7AVBURgWKQW+O418Qq7snNVnmfPI:FvEk6krisKWKt+Na4VmHI
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects a file protected with ACProtect executable-protection software.
-
Loads dropped DLL
-
-
-
Target
Italian!it.txt
-
Size
65KB
-
MD5
0ec32e3e931ab9352fb103dc425c6ce1
-
SHA1
35557900205740086e8e5045af661a6bc8c6f28e
-
SHA256
9dd7ebd0944e9d4ed6fdcadeb53a8490551b48b777f6fa8e2df2739150b9e5b6
-
SHA512
7872e5819552d972b961b5eb832202b582c1f04451a7a147ff84737024f73b5eb50e83bb32e90e45e11953bf94281bbb6a60fdfa5fcb26e7f3a59258ac42dc9b
-
SSDEEP
1536:ZgibwpZYpFyuevprh9FcgaayQKf0Ct9v0aa/HcLaPd94YNnq1tpTHlJXfLn:ZgmgZYpFy9vprh9FcgaaB1CTv0aa/8Lp
Score1/10 -
-
-
Target
Welsh!cy.txt
-
Size
63KB
-
MD5
fe085c71fe1fd7bbafaa535c68a767cc
-
SHA1
4ea364029c185e641021cfb167bc540a80ba4115
-
SHA256
833cd3556028ee149b08fe24e1e9a7750dd3fadc4785b9fe1dbe1ab15b456ca4
-
SHA512
a175dcfcc1062adf3f2c06289454129c89f70216b36129735d5a7b2b66bdd1259e5d1bba837d91a859501a2b9c30037a83b516270f733054bf54bfeabd12ddfc
-
SSDEEP
768:SQ2288B9I/YO/PcSA54rghubFErXxWdB658yPy8VdkUWElCU0IQZS+puOtj:SC4e+j3OL0ISl0Wj
Score1/10 -
-
-
Target
$DESKTOP/Torrent Portable/App/uTorrent/uTorrent.exe
-
Size
4.9MB
-
MD5
97c2ccf6622b460d89eaa0b481610394
-
SHA1
bc6fd3319daf27dfbb2786ad35b17329665a930b
-
SHA256
a17b3463587b84d73eecf57929d111dcfba158e33f93d5d43f8b28b7e4e3267c
-
SHA512
3ff0dcf9eb9b7c237d8ed13d51b20d3e14aedb5b11db763ff070c1afcef1ee677ace6d5f7d3bd724fc4277c925a30dcdd0d0280015d8cf4c8d88fd9efe910e57
-
SSDEEP
49152:lYTEpjDUiCeD8i8aUZMOwbk+ZNTEmrVLUWvggIhbf/NobusuC99ZaTg+P2jqAtHv:lY4ui18i2aQCaQa7P2jxpL9fn9UDc
Score7/10-
Identifies Wine through registry keys
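Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment. A registry check for Wine can therefore indicate an attempt to detect an analysis environment, although legitimate software also performs this check for compatibility reasons.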
-
-
-
Target
Italian!it.txt
-
Size
65KB
-
MD5
0ec32e3e931ab9352fb103dc425c6ce1
-
SHA1
35557900205740086e8e5045af661a6bc8c6f28e
-
SHA256
9dd7ebd0944e9d4ed6fdcadeb53a8490551b48b777f6fa8e2df2739150b9e5b6
-
SHA512
7872e5819552d972b961b5eb832202b582c1f04451a7a147ff84737024f73b5eb50e83bb32e90e45e11953bf94281bbb6a60fdfa5fcb26e7f3a59258ac42dc9b
-
SSDEEP
1536:ZgibwpZYpFyuevprh9FcgaayQKf0Ct9v0aa/HcLaPd94YNnq1tpTHlJXfLn:ZgmgZYpFy9vprh9FcgaaB1CTv0aa/8Lp
Score1/10 -
-
-
Target
Welsh!cy.txt
-
Size
63KB
-
MD5
fe085c71fe1fd7bbafaa535c68a767cc
-
SHA1
4ea364029c185e641021cfb167bc540a80ba4115
-
SHA256
833cd3556028ee149b08fe24e1e9a7750dd3fadc4785b9fe1dbe1ab15b456ca4
-
SHA512
a175dcfcc1062adf3f2c06289454129c89f70216b36129735d5a7b2b66bdd1259e5d1bba837d91a859501a2b9c30037a83b516270f733054bf54bfeabd12ddfc
-
SSDEEP
768:SQ2288B9I/YO/PcSA54rghubFErXxWdB658yPy8VdkUWElCU0IQZS+puOtj:SC4e+j3OL0ISl0Wj
Score1/10 -
-
-
Target
$DESKTOP/Torrent Portable/uTorrentPortable.exe
-
Size
82KB
-
MD5
5e1fae6406ca925a0968b55546b73e18
-
SHA1
ee96d2b039cca1569e4752903286462345400bcd
-
SHA256
f9d5869e1e0517f9940472c7a08fe229da200ebc17fb300e78db1d74be4a6475
-
SHA512
d6b2d01d6d579dd8e9fe62cb18655914aa100e0cd11a5ae4bf79dcb447d07906b6946b1eb7375bb0cf15da90fcf11d19e9fccd34def9d8748947ea3d19ca769e
-
SSDEEP
1536:t/E+bBR0yXzwLCk3SycmxVTtISCXwCiS74b+/6LRjxaw37OYwryw8L7Qe:1EhKzShSyc2uXwC974e61jt7OYoXe
Score3/10 -
-
-
Target
$PLUGINSDIR/FindProcDLL.dll
-
Size
3KB
-
MD5
75e7351a0f836b8659e6f315683c29f7
-
SHA1
66b733d1c978d68cadc245e7efbfcae32807429d
-
SHA256
7ffc549e7f679a08c77fa230654b77cdffb3444296bb7c6b8b5769db374b61ee
-
SHA512
f03400798b07ccca5e12fa119a586ee9444deb0d2419aced24d93fd84a4702d66864a71b40a11b04b1dbe56e36481cd6a644aec0347bc82bc7375b27bc403fe4
Score3/10 -
-
-
Target
$PLUGINSDIR/NewTextreplace.dll
-
Size
11KB
-
MD5
4c584ada75e66e2f3662f72c79b4bc26
-
SHA1
5ee7d2a0ed5662f0cda76a059234fe5f203a3b24
-
SHA256
2a770e400a83ce5220460d79f9e22236463c9972e2e32120f125a7d31761e302
-
SHA512
c6d7ea8d0e35084f23cd197b207cabe6625cc54d89efe6a8d016929d3bae3eb984342ce9b0e7f2c1e390c62aa4ba3cc2cfcbc40016d247244bd652ea46b2b75a
-
SSDEEP
192:tKUSemBDZGm2kaPKknekoGawkCOWf1QP8mnnL96h+/ii:7iAHd7WWq8mL9dii
Score3/10 -
-
-
Target
$PLUGINSDIR/Registry.dll
-
Size
24KB
-
MD5
2b7007ed0262ca02ef69d8990815cbeb
-
SHA1
2eabe4f755213666dbbbde024a5235ddde02b47f
-
SHA256
0b25b20f26de5d5bd795f934c70447112b4981343fcb2dfab3374a4018d28c2d
-
SHA512
aa75ee59ca0b8530eb7298b74e5f334ae9d14129f603b285a3170b82103cfdcc175af8185317e6207142517769e69a24b34fcdf0f58ed50a4960cbe8c22a0aca
-
SSDEEP
384:W2mvyNjH3rPnAZ4wu2QbnC7qB7PnrvScaeYA4CIDEge/QqL2AQ:/75w/OfrzB4CUxuQfA
Score3/10 -
-
-
Target
$PLUGINSDIR/newadvsplash.dll
-
Size
8KB
-
MD5
7ee14dff57fb6e6c644b318d16768f4c
-
SHA1
9a5d5b31ab56ab01e9b0bd76c51b8b4605a8ccce
-
SHA256
53377d0710f551182edbab4150935425948535d11b92bf08a1c2dcf989723bd7
-
SHA512
0565ff2bdbdf044c5f90bd45475d478b48cdbd5e19569976291b1bdd703e61355410c65f29f2c9213faf56251beb16d342c8625288dad6afc670717b9636d51f
-
SSDEEP
96:qD5UDaGxZH52QhtZafDP9BTS9nPg83UniV/zRzGEl1DMl1zN6LmeYt4dO:W5UDaGxZH5T0j+9nl3BzG0IZ6LqN
Score1/10 -
-
-
Target
$PLUGINSDIR/nsisFirewall.dll
-
Size
8KB
-
MD5
69f2e8c6fd141e9e720b2c4c366a8154
-
SHA1
a6279d93a102b6d7608dced32a36ddcd3e51994c
-
SHA256
2e204ee4f1d12b4ca35c8205cea0cabe354f2e79a471863cfb76a7cee83cf107
-
SHA512
bf23a5f3ce98e6a1c04fe8ae6b6f385483ceed62470cd109017c97f37c23adbf0203bfb43d09b007c6925aeb5da9617f33bc5c478618f00cc91da83a48cacaf2
-
SSDEEP
96:KCQjg8aCpUcmloiwmXaYY8NVxIYn69TEdUc1ND0RrXQAcuAtoFrJxalMu2k:KCQPeip58NjMNWND0RrXYuAWkM
Score3/10 -
-
-
Target
$PLUGINSDIR/Aero.dll
-
Size
6KB
-
MD5
243bf44688b131c3171f2827a93e39dc
-
SHA1
07e9c7bd16ae47953e42c06ae2606de188386f35
-
SHA256
04a577df50431eb0ff6fb103566402bf66c50415bcc1f8a86b9c235053131455
-
SHA512
a1a8c21d38c54a43d1c6c394f481dfbddcb359c617e9928ecca8f84d47354616a78d20735a1fe7bebd21626c21cf96d0e1a69e3e98f6b35f2a774cc0244f9516
-
SSDEEP
96:Mh1Wh+rTUNfwRtoqLOk+UVud5Wa7U2ZG:MTWh+cZG2qLOkjud5Waw2Z
Score7/10 -
-
-
Target
$PLUGINSDIR/BrandingURL.dll
-
Size
4KB
-
MD5
71c46b663baa92ad941388d082af97e7
-
SHA1
5a9fcce065366a526d75cc5ded9aade7cadd6421
-
SHA256
bb2b9c272b8b66bc1b414675c2acba7afad03fff66a63babee3ee57ed163d19e
-
SHA512
5965bd3f5369b9a1ed641c479f7b8a14af27700d0c27d482aa8eb62acc42f7b702b5947d82f9791b29bcba4d46e1409244f0a8ddce4ec75022b5e27f6d671bce
Score3/10 -
-
-
Target
$PLUGINSDIR/InvokeShellVerb.dll
-
Size
4KB
-
MD5
0f137d75542976c9a5905457411b8fc4
-
SHA1
3a498dd92be9e3e174669a6da937568cad5b0129
-
SHA256
b38dd9db2839864de3bea895cb169ea9c01a86013b9b4a49b95159c92567e953
-
SHA512
255754c7f3ba80eb193b7818067a78f033347a145bdb5fdf792ec1ac4e836624a81f9e0fe685351a58481bb29826921c3d34b0d9f3c65e26e0934f670402287f
Score3/10 -
-
-
Target
$PLUGINSDIR/LangDLL.dll
-
Size
5KB
-
MD5
9384f4007c492d4fa040924f31c00166
-
SHA1
aba37faef30d7c445584c688a0b5638f5db31c7b
-
SHA256
60a964095af1be79f6a99b22212fefe2d16f5a0afd7e707d14394e4143e3f4f5
-
SHA512
68f158887e24302673227adffc688fd3edabf097d7f5410f983e06c6b9c7344ca1d8a45c7fa05553adcc5987993df3a298763477168d4842e554c4eb93b9aaaf
-
SSDEEP
48:iV6pAvmNC6iMPUptxEZK65x/AmvycNSmwVsOYJyvrpXptp/JvR0Jlof5d2:2811GED5ZTvycNSmwVsTJuftpZR0Sd2
Score3/10 -