General

  • Target

    2b1c0be51ed61146bd7d8ddd687d83a5_JaffaCakes118

  • Size

    5.8MB

  • Sample

    240509-v8emwaeb7t

  • MD5

    2b1c0be51ed61146bd7d8ddd687d83a5

  • SHA1

    e36c94b7907a934c7bd3164520247bd5c32e8133

  • SHA256

    341ba85f86f2f5cf11c488ef1c175a0920752c78f305ad3e93a2ffd772433737

  • SHA512

    48df6b24c220c3866e06547ea055f2efff07702a289c55970595006dde4991abbcc9e9884cb67ae892b6e904cbaa7a0fd5011016b85164fc67bb4c0f842c8b98

  • SSDEEP

    98304:/ZYXlcGUnQPZeziBA08C6A7BKzVpjMklAiM9meRg1Gggxpd8GELu5DkXT6HRAf:/aXlbUnQAzoN7BivMeAiMoeRAGggxnKz

Score
7/10

Targets

    • Target

      怎么在小刀网投稿?.url

    • Size

      382B

    • MD5

      ca1977a35014d6e662f9bdbfe128b487

    • SHA1

      1fef79c723fb45090aca66ee5ee91ab25c6641ba

    • SHA256

      beb9b27b812eb1d7fd68bd66c6558a0b07b65a0940113fe62ec37b5951a5624f

    • SHA512

      87173106202fa95c5ff162276e0451f2d3c0e5a176a13d357e13ccd3221c86509434efc378910c5ad89f60042cec0da7caf9f9c06df70ce13f975097a810b830

    • Score

      1/10

    • Target

      找淘宝天猫优惠卷 买东西必搜.url

    • Size

      396B

    • MD5

      e2d2f50f4d4158fe9cd513c134d8de81

    • SHA1

      c1409f732a4c02cd1e3812d46fdc8e95a13ca331

    • SHA256

      e1d54b137e53d5a69aa0f55b806709398a0233a537e086d0d1e625bc6a231e6b

    • SHA512

      fc9e048ab6c62da76eb34f659a404d977909f7e98a078a0d846422b5f2aa5d38506e9130c0c082d92dfa3ae0649d2b41bf0123201be1a76ca1b021cd455d8f58

    • Score

      1/10

    • Target

      破解版/DQInstaller3.3.11.123.msi

    • Size

      5.1MB

    • MD5

      76333d36ded8043d7a3486416f4764bc

    • SHA1

      255c2cbe7bd11d94bf743e524cab9d24eebbc675

    • SHA256

      4983809c6b5f171dfab222c9ac142bb14678109b6efa019340e2003bb1194212

    • SHA512

      0befd85e092749ef442b23750ee525222cac16d99bf59e984efe648fe6af1c716f1d0d13bc487d372fea62b5983dce57891cc3611bec1aa96c45fca40b0a668f

    • SSDEEP

      98304:mQXXeDnc/1x/N/ZrJUCVcPLn4puh98mNfTNz0+evDqFZPPowXTg:mQonSnV+CVgMp1AK+eL2PPtj

    • Score

      6/10

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    • Target

      破解版/海豚破解补丁/T-T.exe

    • Size

      684KB

    • MD5

      c84c9a40874058e05b93d951d9806a64

    • SHA1

      10ee47e68adc8ccdbf4683518ee4c1a36833fc2c

    • SHA256

      1e734624efee8ed1838a3f779e42377ff1959d301e997323c62d1e411d89dd3b

    • SHA512

      d12e470ee61d5a30deeba18a171fa26da7926e1e91f588332150d538b3f316c3c26dfb25e5958cd32d02da95d02585b5d5a2ff4907969fc1d5b627b3004a3935

    • SSDEEP

      12288:IrMbz+Vj42llq++I6JNTEe9Jq0OHQ3YGDw0FZaxvtboZo:IEz+Vj3llr+/HfPq0yQ3YVQ

    • Score

      1/10

    • Target

      破解版/海豚破解补丁/True.end

    • Size

      2.1MB

    • MD5

      40ac68c02484578f98fd1f8b9ec0359b

    • SHA1

      2b3adb9f328348aa76f232d5d766cc2f3df67c22

    • SHA256

      0b5d63656f16c8bef67b41e10dd51d89e0b6337b6849900476528a28bd2ef851

    • SHA512

      207cb67cf230c9e5b31b744a923e8a0693cd2b3ce12fd08bb782d56dacb0fdd9194f2f24810e3d91f9fa19469a75a70ed1e05385ef430a367aaec8d135328f85

    • SSDEEP

      49152:c75enfBVK5DuVbFMF75T31Yw0lQY5fWzckmp51Ojv+mgwQB:UonfBiaKN5T3cWz+aHQB

    • Score

      7/10

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.
