General

  • Target

    077750e84f5bf5267d582995482adecc_JaffaCakes118

  • Size

    3.7MB

  • Sample

    240429-mqgqhsgh9t

  • MD5

    077750e84f5bf5267d582995482adecc

  • SHA1

    09a4734534c18956eefb003222688b16a082aa89

  • SHA256

    94c70fd5da5feb18eb47c379083c68edb32ef7c35d97ee80bad5da8c00688600

  • SHA512

    ffb27b9ff32ee5e52e27e0e722af5de369d9f8a3073ee907a7a6cb4da2be7d183267cb7dfc0f9168a1917d491594cafa98f1af2e8a74dd2d55594f93149c7048

  • SSDEEP

    98304:y2v74FzFVieLkrim7AVBURgWKQW+O418Qq7snNVnmfPI:FvEk6krisKWKt+Na4VmHI

Score
7/10

Malware Config

Targets

    • Target

      077750e84f5bf5267d582995482adecc_JaffaCakes118

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      Italian!it.txt

    • Size

      65KB

    • MD5

      0ec32e3e931ab9352fb103dc425c6ce1

    • SHA1

      35557900205740086e8e5045af661a6bc8c6f28e

    • SHA256

      9dd7ebd0944e9d4ed6fdcadeb53a8490551b48b777f6fa8e2df2739150b9e5b6

    • SHA512

      7872e5819552d972b961b5eb832202b582c1f04451a7a147ff84737024f73b5eb50e83bb32e90e45e11953bf94281bbb6a60fdfa5fcb26e7f3a59258ac42dc9b

    • SSDEEP

      1536:ZgibwpZYpFyuevprh9FcgaayQKf0Ct9v0aa/HcLaPd94YNnq1tpTHlJXfLn:ZgmgZYpFy9vprh9FcgaaB1CTv0aa/8Lp

    Score
    1/10
    • Target

      Welsh!cy.txt

    • Size

      63KB

    • MD5

      fe085c71fe1fd7bbafaa535c68a767cc

    • SHA1

      4ea364029c185e641021cfb167bc540a80ba4115

    • SHA256

      833cd3556028ee149b08fe24e1e9a7750dd3fadc4785b9fe1dbe1ab15b456ca4

    • SHA512

      a175dcfcc1062adf3f2c06289454129c89f70216b36129735d5a7b2b66bdd1259e5d1bba837d91a859501a2b9c30037a83b516270f733054bf54bfeabd12ddfc

    • SSDEEP

      768:SQ2288B9I/YO/PcSA54rghubFErXxWdB658yPy8VdkUWElCU0IQZS+puOtj:SC4e+j3OL0ISl0Wj

    Score
    1/10
    • Target

      $DESKTOP/Torrent Portable/App/uTorrent/uTorrent.exe

    • Size

      4.9MB

    • MD5

      97c2ccf6622b460d89eaa0b481610394

    • SHA1

      bc6fd3319daf27dfbb2786ad35b17329665a930b

    • SHA256

      a17b3463587b84d73eecf57929d111dcfba158e33f93d5d43f8b28b7e4e3267c

    • SHA512

      3ff0dcf9eb9b7c237d8ed13d51b20d3e14aedb5b11db763ff070c1afcef1ee677ace6d5f7d3bd724fc4277c925a30dcdd0d0280015d8cf4c8d88fd9efe910e57

    • SSDEEP

      49152:lYTEpjDUiCeD8i8aUZMOwbk+ZNTEmrVLUWvggIhbf/NobusuC99ZaTg+P2jqAtHv:lY4ui18i2aQCaQa7P2jxpL9fn9UDc

    Score
    7/10
    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    • Target

      $DESKTOP/Torrent Portable/uTorrentPortable.exe

    • Size

      82KB

    • MD5

      5e1fae6406ca925a0968b55546b73e18

    • SHA1

      ee96d2b039cca1569e4752903286462345400bcd

    • SHA256

      f9d5869e1e0517f9940472c7a08fe229da200ebc17fb300e78db1d74be4a6475

    • SHA512

      d6b2d01d6d579dd8e9fe62cb18655914aa100e0cd11a5ae4bf79dcb447d07906b6946b1eb7375bb0cf15da90fcf11d19e9fccd34def9d8748947ea3d19ca769e

    • SSDEEP

      1536:t/E+bBR0yXzwLCk3SycmxVTtISCXwCiS74b+/6LRjxaw37OYwryw8L7Qe:1EhKzShSyc2uXwC974e61jt7OYoXe

    Score
    3/10
    • Target

      $PLUGINSDIR/FindProcDLL.dll

    • Size

      3KB

    • MD5

      75e7351a0f836b8659e6f315683c29f7

    • SHA1

      66b733d1c978d68cadc245e7efbfcae32807429d

    • SHA256

      7ffc549e7f679a08c77fa230654b77cdffb3444296bb7c6b8b5769db374b61ee

    • SHA512

      f03400798b07ccca5e12fa119a586ee9444deb0d2419aced24d93fd84a4702d66864a71b40a11b04b1dbe56e36481cd6a644aec0347bc82bc7375b27bc403fe4

    Score
    3/10
    • Target

      $PLUGINSDIR/NewTextreplace.dll

    • Size

      11KB

    • MD5

      4c584ada75e66e2f3662f72c79b4bc26

    • SHA1

      5ee7d2a0ed5662f0cda76a059234fe5f203a3b24

    • SHA256

      2a770e400a83ce5220460d79f9e22236463c9972e2e32120f125a7d31761e302

    • SHA512

      c6d7ea8d0e35084f23cd197b207cabe6625cc54d89efe6a8d016929d3bae3eb984342ce9b0e7f2c1e390c62aa4ba3cc2cfcbc40016d247244bd652ea46b2b75a

    • SSDEEP

      192:tKUSemBDZGm2kaPKknekoGawkCOWf1QP8mnnL96h+/ii:7iAHd7WWq8mL9dii

    Score
    3/10
    • Target

      $PLUGINSDIR/Registry.dll

    • Size

      24KB

    • MD5

      2b7007ed0262ca02ef69d8990815cbeb

    • SHA1

      2eabe4f755213666dbbbde024a5235ddde02b47f

    • SHA256

      0b25b20f26de5d5bd795f934c70447112b4981343fcb2dfab3374a4018d28c2d

    • SHA512

      aa75ee59ca0b8530eb7298b74e5f334ae9d14129f603b285a3170b82103cfdcc175af8185317e6207142517769e69a24b34fcdf0f58ed50a4960cbe8c22a0aca

    • SSDEEP

      384:W2mvyNjH3rPnAZ4wu2QbnC7qB7PnrvScaeYA4CIDEge/QqL2AQ:/75w/OfrzB4CUxuQfA

    Score
    3/10
    • Target

      $PLUGINSDIR/newadvsplash.dll

    • Size

      8KB

    • MD5

      7ee14dff57fb6e6c644b318d16768f4c

    • SHA1

      9a5d5b31ab56ab01e9b0bd76c51b8b4605a8ccce

    • SHA256

      53377d0710f551182edbab4150935425948535d11b92bf08a1c2dcf989723bd7

    • SHA512

      0565ff2bdbdf044c5f90bd45475d478b48cdbd5e19569976291b1bdd703e61355410c65f29f2c9213faf56251beb16d342c8625288dad6afc670717b9636d51f

    • SSDEEP

      96:qD5UDaGxZH52QhtZafDP9BTS9nPg83UniV/zRzGEl1DMl1zN6LmeYt4dO:W5UDaGxZH5T0j+9nl3BzG0IZ6LqN

    Score
    1/10
    • Target

      $PLUGINSDIR/nsisFirewall.dll

    • Size

      8KB

    • MD5

      69f2e8c6fd141e9e720b2c4c366a8154

    • SHA1

      a6279d93a102b6d7608dced32a36ddcd3e51994c

    • SHA256

      2e204ee4f1d12b4ca35c8205cea0cabe354f2e79a471863cfb76a7cee83cf107

    • SHA512

      bf23a5f3ce98e6a1c04fe8ae6b6f385483ceed62470cd109017c97f37c23adbf0203bfb43d09b007c6925aeb5da9617f33bc5c478618f00cc91da83a48cacaf2

    • SSDEEP

      96:KCQjg8aCpUcmloiwmXaYY8NVxIYn69TEdUc1ND0RrXQAcuAtoFrJxalMu2k:KCQPeip58NjMNWND0RrXYuAWkM

    Score
    3/10
    • Target

      $PLUGINSDIR/Aero.dll

    • Size

      6KB

    • MD5

      243bf44688b131c3171f2827a93e39dc

    • SHA1

      07e9c7bd16ae47953e42c06ae2606de188386f35

    • SHA256

      04a577df50431eb0ff6fb103566402bf66c50415bcc1f8a86b9c235053131455

    • SHA512

      a1a8c21d38c54a43d1c6c394f481dfbddcb359c617e9928ecca8f84d47354616a78d20735a1fe7bebd21626c21cf96d0e1a69e3e98f6b35f2a774cc0244f9516

    • SSDEEP

      96:Mh1Wh+rTUNfwRtoqLOk+UVud5Wa7U2ZG:MTWh+cZG2qLOkjud5Waw2Z

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $PLUGINSDIR/BrandingURL.dll

    • Size

      4KB

    • MD5

      71c46b663baa92ad941388d082af97e7

    • SHA1

      5a9fcce065366a526d75cc5ded9aade7cadd6421

    • SHA256

      bb2b9c272b8b66bc1b414675c2acba7afad03fff66a63babee3ee57ed163d19e

    • SHA512

      5965bd3f5369b9a1ed641c479f7b8a14af27700d0c27d482aa8eb62acc42f7b702b5947d82f9791b29bcba4d46e1409244f0a8ddce4ec75022b5e27f6d671bce

    Score
    3/10
    • Target

      $PLUGINSDIR/InvokeShellVerb.dll

    • Size

      4KB

    • MD5

      0f137d75542976c9a5905457411b8fc4

    • SHA1

      3a498dd92be9e3e174669a6da937568cad5b0129

    • SHA256

      b38dd9db2839864de3bea895cb169ea9c01a86013b9b4a49b95159c92567e953

    • SHA512

      255754c7f3ba80eb193b7818067a78f033347a145bdb5fdf792ec1ac4e836624a81f9e0fe685351a58481bb29826921c3d34b0d9f3c65e26e0934f670402287f

    Score
    3/10
    • Target

      $PLUGINSDIR/LangDLL.dll

    • Size

      5KB

    • MD5

      9384f4007c492d4fa040924f31c00166

    • SHA1

      aba37faef30d7c445584c688a0b5638f5db31c7b

    • SHA256

      60a964095af1be79f6a99b22212fefe2d16f5a0afd7e707d14394e4143e3f4f5

    • SHA512

      68f158887e24302673227adffc688fd3edabf097d7f5410f983e06c6b9c7344ca1d8a45c7fa05553adcc5987993df3a298763477168d4842e554c4eb93b9aaaf

    • SSDEEP

      48:iV6pAvmNC6iMPUptxEZK65x/AmvycNSmwVsOYJyvrpXptp/JvR0Jlof5d2:2811GED5ZTvycNSmwVsTJuftpZR0Sd2

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks

Task            Tags      Score
static1         upx       7/10
behavioral1     upx       7/10
behavioral2     upx       7/10
behavioral3     -         1/10
behavioral4     -         1/10
behavioral5     -         1/10
behavioral6     -         1/10
behavioral7     evasion   7/10
behavioral8     evasion   7/10
behavioral9     -         1/10
behavioral10    -         1/10
behavioral11    -         1/10
behavioral12    -         1/10
behavioral13    -         3/10
behavioral14    -         3/10
behavioral15    -         3/10
behavioral16    -         3/10
behavioral17    -         3/10
behavioral18    -         3/10
behavioral19    -         3/10
behavioral20    -         3/10
behavioral21    -         1/10
behavioral22    -         1/10
behavioral23    -         3/10
behavioral24    -         3/10
behavioral25    upx       7/10
behavioral26    upx       7/10
behavioral27    -         3/10
behavioral28    -         3/10
behavioral29    -         3/10
behavioral30    -         3/10
behavioral31    -         3/10
behavioral32    -         3/10