Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

11e12e0c4d...18.exe

windows7-x64

7

11e12e0c4d...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nk.dll

windows7-x64

3

$PLUGINSDI...nk.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

GoogleTranslator.dll

windows7-x64

1

GoogleTranslator.dll

windows10-2004-x64

1

ShaPlus Tr...or.exe

windows7-x64

3

ShaPlus Tr...or.exe

windows10-2004-x64

1

help.chm

windows7-x64

1

help.chm

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    11e12e0c4d93c8d9f2efc3787cc100c0_JaffaCakes118

  • Size

    161KB

  • Sample

    240504-kayb8age2v

  • MD5

    11e12e0c4d93c8d9f2efc3787cc100c0

  • SHA1

    12b61e351415a72f67afe5e7d6650c1443b47413

  • SHA256

    777730664beeade5b6f7b22e8dab7682caa8dfa1456b4c503be930f857265cea

  • SHA512

    7ecc0f2582171b5660b51fef1e2a54464450163a382d6818f68727e23668d5007ee7e19e0afcec0d6780a7864ed41ebb85dead3eeb5eaedd999d4dc8521525ce

  • SSDEEP

    3072:fLk395hYXJkmCQMpywCP9EuToe4kNnuB6J0y0dxXiQbLUd/FVhfY2V7kl:fQq6mCQMpLCF1gSnuAJ0y0dxXXLUxFv+

Score
7/10

Malware Config

Targets

    • Target

      11e12e0c4d93c8d9f2efc3787cc100c0_JaffaCakes118

    • Size

      161KB

    • MD5

      11e12e0c4d93c8d9f2efc3787cc100c0

    • SHA1

      12b61e351415a72f67afe5e7d6650c1443b47413

    • SHA256

      777730664beeade5b6f7b22e8dab7682caa8dfa1456b4c503be930f857265cea

    • SHA512

      7ecc0f2582171b5660b51fef1e2a54464450163a382d6818f68727e23668d5007ee7e19e0afcec0d6780a7864ed41ebb85dead3eeb5eaedd999d4dc8521525ce

    • SSDEEP

      3072:fLk395hYXJkmCQMpywCP9EuToe4kNnuB6J0y0dxXiQbLUd/FVhfY2V7kl:fQq6mCQMpLCF1gSnuAJ0y0dxXXLUxFv+

    Score
    7/10

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      325b008aec81e5aaa57096f05d4212b5

    • SHA1

      27a2d89747a20305b6518438eff5b9f57f7df5c3

    • SHA256

      c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    • SHA512

      18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

    • SSDEEP

      192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/ShellLink.dll

    • Size

      4KB

    • MD5

      073d44e11a4bcff06e72e1ebfe5605f7

    • SHA1

      5f4e85ab7a1a636d95b50479a10bcb5583af93f3

    • SHA256

      b96b39cb4ad98f4820b6fd17b67e43d8d0f4b2667d50caa46eff44af245d75bb

    • SHA512

      e9f99b96334764ae47aa026f7f24cfb736859a9131bd1c5ec7e070e830b651787f49910911f82e4ade0dc62fea0ad54ba210b07e44830eb2be6abb710a418a98

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/StartMenu.dll

    • Size

      7KB

    • MD5

      a4173b381625f9f12aadb4e1cdaefdb8

    • SHA1

      cf1680c2bc970d5675adbf5e89292a97e6724713

    • SHA256

      7755ff2707ca19344d489a5acec02d9e310425fa6e100d2f13025761676b875b

    • SHA512

      fcac79d42862da6bdd3ecad9d887a975cdff2301a8322f321be58f754a26b27077b452faa4751bbd09cd3371b4afce65255fbbb443e2c93dd2cba0ba652f4a82

    • SSDEEP

      96:2fiqP7bO2qHkAC40KhvSE+6nrxtMn0iGd88qRLqtJ1tbRhElfRx2:siqP7OHX1Q4xtcf8qo/ttgfRx2

    Score
    3/10
    behavioral7behavioral8

    • Target

      GoogleTranslator.dll

    • Size

      104KB

    • MD5

      b65c33a946268df95bb3e3c4a23fc355

    • SHA1

      4242015823ad88f9a4c1f5418f209988030cd5af

    • SHA256

      1eda6b53b2baa94ed7e6b234b7e1293de965264998155cec64db9c2c994e2463

    • SHA512

      a784b68ad612ea5d145658df4b23ec8789b99199cda738cd74e769dbded8233a0729e7781829f20774ce8abb5890bc47c7a9253560554af46adb84c125c380a5

    • SSDEEP

      1536:ZjS0Caz5oZKs8+R+qKS8WqlZ6isBw9agS5Hl5rWeycltHfw0+4+A+L+8Ehrtop5W:ZjS0lz5oZFiEisnNX4vre/kvqcKDp

    Score
    1/10
    behavioral10behavioral9

    • Target

      ShaPlus Translator.exe

    • Size

      92KB

    • MD5

      22af67256b8aa0482fd211f53d876975

    • SHA1

      33608502445dfe96e49d1b430372364530a6eba5

    • SHA256

      f12101a956d6b1a7b166299b56409367de899853a774381c5753d89abe51456e

    • SHA512

      38a518b94af76afbf1058447eb60e43693c6ea403e6f3ec68ebf7dcfda662aa371633cb2e31878ab822281f551b81f280ed9e1ead781e8dbf1c3397bd4d57173

    • SSDEEP

      1536:bUMqMZ8fDdAyYm7UPXCB3srj50Uy8UUo5dl5/gEpknzfmlbbc7v/OuuL:bSFDdxQXU3sP50L8UazfmBI7v/z0

    Score
    3/10
    behavioral11behavioral12

    • Target

      help.chm

    • Size

      59KB

    • MD5

      950954cb3577222f97461599c44ac891

    • SHA1

      4d10d08fe971ba6aff7a74bbee79b1ca4390761e

    • SHA256

      833ab65897e5867dad5319b7f41294128185167fdc1c928b43c2a8af06078ce6

    • SHA512

      98de0beaeb931468d60c16f7987c79ae8abcb4f1ab14e4d89ab8cd453018b4638b907d11d62916e96ec83ff82958248ed4b0a9a59ad3f25f9863856c62a1ce9d

    • SSDEEP

      1536:Y9ooojhe/ro4uLXMsWCf2P6NTLGS0GgzMU4rlm48:Kor4ChhGSvgzWmP

    Score
    1/10
    behavioral13behavioral14

    • Target

      uninst.exe

    • Size

      36KB

    • MD5

      27f2d91f7ea7e5474dda07833609817e

    • SHA1

      524e6cc8a19418a90a4d2838cf703cfe22ccf09f

    • SHA256

      1814816c054425790ea1d005c8ce15d6f505e9856892087226f79376722d732f

    • SHA512

      5f052f2f9924fc570e4fa64c6b0366c9be5ae0e49b15fb3addea1f7065d60fe9e8ec380cd46ac3e79e0f9ae97135e50eadc3a70585113c3aebb34d79dfd1fbcd

    • SSDEEP

      768:s4wO7XBz+5Qm3W0tYdrQZHV4EWuWEUOg4jjfS3XJgKSWfM:fLXB65939tY6HBg4sXJgKS6M

    Score
    7/10

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral15behavioral16

MITRE ATT&CK Enterprise v15

Tasks