Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

34744a5749...18.exe

windows7-x64

7

34744a5749...18.exe

windows10-2004-x64

7

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

uninstall.exe

windows7-x64

8

uninstall.exe

windows10-2004-x64

8

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

vbs.vbs

windows7-x64

1

vbs.vbs

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    34744a5749315d0cefc2a57759a5c7c1_JaffaCakes118

  • Size

    51KB

  • Sample

    240511-n2dzfaeg8t

  • MD5

    34744a5749315d0cefc2a57759a5c7c1

  • SHA1

    d53abf853c65fc8a41bd52e833041cfcef33bc62

  • SHA256

    16b6f6d90d3660f8adc39145ac20c2089ea376f9861f24d1925063f4aece2a22

  • SHA512

    91a90e9e973e26abdfc7e952a8ea009a29c577c078297fe8be1655f69c23913c86ec0cc96516ffe2c6d0a8aff7ebc9d29c559edd3ed81f4edcce03b29fca5e25

  • SSDEEP

    1536:+HYMiClDhdyA5x5Z0DvyecUpjTGetwRXV:WYjClDhQlDvrcUp1twNV

Score
8/10

Malware Config

Targets

    • Target

      34744a5749315d0cefc2a57759a5c7c1_JaffaCakes118

    • Size

      51KB

    • MD5

      34744a5749315d0cefc2a57759a5c7c1

    • SHA1

      d53abf853c65fc8a41bd52e833041cfcef33bc62

    • SHA256

      16b6f6d90d3660f8adc39145ac20c2089ea376f9861f24d1925063f4aece2a22

    • SHA512

      91a90e9e973e26abdfc7e952a8ea009a29c577c078297fe8be1655f69c23913c86ec0cc96516ffe2c6d0a8aff7ebc9d29c559edd3ed81f4edcce03b29fca5e25

    • SSDEEP

      1536:+HYMiClDhdyA5x5Z0DvyecUpjTGetwRXV:WYjClDhQlDvrcUp1twNV

    Score
    7/10

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/UserInfo.dll

    • Size

      4KB

    • MD5

      dada3e1836af78d5b24499da252d01e4

    • SHA1

      d2a1c25405e3c74973cf18dec2c7138df9e96a83

    • SHA256

      0073337816509851476c2cc154f471a3e3a1a2806b97c363870acc09a30a5ed7

    • SHA512

      f8bda8413dadb00a644341da5e076f203a3134daaefd2961fa0341f5a533eee28582ce9872354ead698bb1275ee7726fa574267e909a3e2f977908392e7a5c66

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      1f49d8af9be9e915d54b2441c4a79adf

    • SHA1

      1ee4f809c693e31f34bc6d8153664a6dc2c3e499

    • SHA256

      b22c8f676dec58be8d25fbad1a37835ffc4029f29aaf79f4dc0337ca73a38782

    • SHA512

      c60827e322e3168a79795ffd4beb0b0039842128255100d6b005d261402d2ff570f3866f441f3d3c063097c71d44bc5ae80d177fa91ef4e46fc8c2d97de27aa4

    • SSDEEP

      96:67GUxNkO6GR0t9GKKr1Zd8NHYVVHp4dEeY3kRnHdMqqyVgNo3e:kXhHR0aTQN4gRHdMqJVgNv

    Score
    3/10
    behavioral5behavioral6

    • Target

      uninstall.exe

    • Size

      38KB

    • MD5

      0cddde4152eb66c33077cb0cca09bd27

    • SHA1

      f7238a6b1e08ce3fbf6cf18cb7ca8b20f4bc376f

    • SHA256

      f85d6144303a2e8faf9253cd61070895fa3af04db656703990d0f1404d6d494a

    • SHA512

      18f8064128388a382651c913add2b414d81af558acb5ed070b78b0751129e25d31b78ea2758097097618c41735c2876c7e3b490a19108a3840173ba5371c01b9

    • SSDEEP

      768:cnHmFZIFRQp8lDhdQLErWV/AVHxI0Z0D32uInmyd0csJRnopdw:+HYMiClDhdyA5x5Z0Dvyec/p+

    Score
    8/10

    • Drops file in Drivers directory

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral7behavioral8

    • Target

      $PLUGINSDIR/UserInfo.dll

    • Size

      4KB

    • MD5

      dada3e1836af78d5b24499da252d01e4

    • SHA1

      d2a1c25405e3c74973cf18dec2c7138df9e96a83

    • SHA256

      0073337816509851476c2cc154f471a3e3a1a2806b97c363870acc09a30a5ed7

    • SHA512

      f8bda8413dadb00a644341da5e076f203a3134daaefd2961fa0341f5a533eee28582ce9872354ead698bb1275ee7726fa574267e909a3e2f977908392e7a5c66

    Score
    3/10
    behavioral10behavioral9

    • Target

      vbs.vbs

    • Size

      399B

    • MD5

      b727cd18fa651f9abced72635206f954

    • SHA1

      03cd02841bd99874bcb38b37a9c72b2481f5265b

    • SHA256

      b509b1ebfdbbdf753b91d8a3aaf8b9e9a25c3505bc36f7db53c6f753e3028374

    • SHA512

      e260e476db9618f0b3ecbbdcc34055e468b717facf9c71e375ef352ab4a87c76f779987b7a3f992199721ef28a2125092872625ef2588ae4e73443dedc80bec8

    Score
    1/10
    behavioral11behavioral12

MITRE ATT&CK Enterprise v15

Tasks