
General

  • Target

    3e4aefa8ed58720e28431fda84bb0be2_JaffaCakes118

  • Size

    4.7MB

  • Sample

    240513-hyxz9abg2t

  • MD5

    3e4aefa8ed58720e28431fda84bb0be2

  • SHA1

    adbe4b4cb3bfe9f843e347b87860b6a75b8a6d1f

  • SHA256

    4566878f99644af59af4b31e711d57a39f62af9f819f75b802e99a656ad7c11a

  • SHA512

    2bce439230080c1bfc89e2714a9b1b30e316086af022e866ef024976b9a40400ab1e955fa634552b3fa49fa666403a44fad023ce01266f4a4de9f63c43477d88

  • SSDEEP

    98304:911XaLn/+laUKQ7SmXIEsPgVPynU3dycFuZEGK3WOTlDmkNPQ1XNLBio+:911XaL6aUx7SrFYA8YcFuZ3K3WgD7NoQ

Score
7/10

Malware Config

Targets

    • Target

      V10.16试用版本/KSafeTray.exe

    • Size

      5.7MB

    • MD5

      09af9bb3496bf9e0254f680e4d6ae263

    • SHA1

      532d5f63f0f0be303a98df2c62ba577272808af3

    • SHA256

      dd128af188627bca3c123a32d71b26493166c51b5db25b67e6a7cbbd80503e05

    • SHA512

      6790404f1bdf718b05aadae48b0b915244dbf4b47c8fff8be80a762c2b18185797c4bde5b247c56ec22de33de9fc3157647a4c8dd3176807a64abccb9f719208

    • SSDEEP

      98304:8JOf0Z9K8toGjAMzCPTD+Kcz1UHts1PUyl+fG3FwUZ6Gk31VuA9d:8aSz1YsTHVw06GiLZ9d

    Score
    7/10
    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Target

      V10.16试用版本/cfgdll.dll

    • Size

      59KB

    • MD5

      4793f5072156ed78c723cb64d7c12102

    • SHA1

      340704aec805edcb8baca591a69a96189c0cec78

    • SHA256

      0df6c736faab787e9be3e5634b1d8ff11a2f273bb24203635dfbd822872ecee8

    • SHA512

      8234f7cf3f97a89d9baa0f4012f2cbe3b3e833844b31c663b5e3d3c465d671e56d6c768a5d4c57aae883c8671bd27d801c8a7520d49d369a5bde3953e240a527

    • SSDEEP

      768:TaEHTGEBv6OuJjxqbhJKOBGxoVlbP2nP8oMoIIL3EvWE1:THHTG7OuJjsKOBlVh+EoMwgvB

    Score
    1/10
    • Target

      V10.16试用版本/plugin/FILE.DLL

    • Size

      40KB

    • MD5

      d0f222e0927f3f0e341dca4f47af739f

    • SHA1

      eebd84e63c3c7e7779712ead30b93ae2e93e3ed1

    • SHA256

      9d86a5dbd2395a345675f02746127eb44d184250fd6e901c0c5876bbe4d2b167

    • SHA512

      fa81a0729e92ed05bb8999f22b3c164d27bb8184bab60f1884290b9d15e1e9bae0656b3515a6d2a0d90747869398e159c93fe5aef405810dca2eba4124ad6061

    • SSDEEP

      384:NG53ptguMRrpOibHXzpPtapkBAWBLjDrks5X8C3tQ7Ax4s:I5SRpLbDpPcQAMLjDrksJP3z

    Score
    3/10
    • Target

      V10.16试用版本/plugin/QSGJ11C.DLL

    • Size

      140KB

    • MD5

      c7048348555403dfff86e561d4819ee1

    • SHA1

      f220869f3b6ea027b4d5907b8455fa93e3722510

    • SHA256

      15e889a8743b910b63138de6526853974ce2be48e7f9a736919ca390d5d3b837

    • SHA512

      9a259af65f53bfa8bd5fc2e989b06a4a758c7a316b5540eea4d07332638a6eb22c93210e9f606376ab37955d9794d880c930e31dd5bde1abb22d6dfeb7b8ae87

    • SSDEEP

      3072:aLLks1ROxKOlELlvfvSNnjbbLbpAWC66q6rcGS66v390SX1Z1Dp:cj1+lELlvfvSNnjbbLbpAWC66q6rcGSV

    Score
    1/10
    • Target

      V10.16试用版本/plugin/REGDLL.DLL

    • Size

      24KB

    • MD5

      e29d9a912204844df5306ca3935b1f1c

    • SHA1

      19ba6440827ad2ac515aeb6c8700fbb4c896e61c

    • SHA256

      3453bb9b4550dd5a51a64c3d2d25f1b49744b05ac740c57f2dd9f89084811318

    • SHA512

      9229d5c845eeb36cd293e8d998aca63ed14f41b43d7d11da8682ede4d24853eff19bf0801b8ab055d50c849be7cbf94b890a672d90b55eec5019cebf98925a3a

    • SSDEEP

      96:Q+fvNT4ui9YFfZVS7pxN3LusGOKmzXyUo2SZjvnEkWRA5mJL4DwdQTDut9Zdn0K/:TcYbM1H3ysce2NEkWCG4DoQTD0d0+

    Score
    1/10
    • Target

      V10.16试用版本/vbs脚本权限/dm.dll

    • Size

      810KB

    • MD5

      e8889a55641fa57bcb588571f5bcbc63

    • SHA1

      edcfb05ce9f378ced7dd327f1aa8310b5ef24b62

    • SHA256

      9a035bc32b7e5c69532a053b1af0a417ce27a9c2f435cbf47251b43bec7007b1

    • SHA512

      644ccc547204b0658595731623c5285e0493a315330e457e2b757b6e03d92ef64e63a2fa69bc11e0cdead68c737453041478c794a8ae3169cabdb06679923d35

    • SSDEEP

      24576:xmepaYR5ZMpGvuyZl22oPgsG0gfIlC7uK9IODxC:0mR5+quyZl22YG0gfIlC7uK9IO

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      V10.16试用版本/vbs脚本权限/运行下vbs脚本权限.bat

    • Size

      15B

    • MD5

      a022d4fcc65222b861dc211560d671da

    • SHA1

      ab0485a5e8355ca98c9cd4553cec8a8a0fa238d9

    • SHA256

      4cb0b1e3602735f72e971332df19d7769458a22193d923f3881bc2899e5f17ea

    • SHA512

      baea93fbd3effcd84fd7d9b18a74c9b3eea343bcb5f2a448dce2ba7d6f213cc5f2f4bab00a6c3d158b8b7bfc51f37b5b91654e9638669dcbf0cc7e2df09f5891

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      V10.16试用版本/提示注册码错误的运行下.bat

    • Size

      62B

    • MD5

      33221214c0063d46fa146ce425e3d225

    • SHA1

      aa0bb6c0aebdfc6723e3e3cfc80adec98d9f2252

    • SHA256

      94dc219c3c4bd6208dc237a9a6e6b489f145cd2eb46e3928d88f4353f666190c

    • SHA512

      06b67ca5fb2e740c4952441cfe4cd811fbad48883b283ebbb8f406c0aa45cb46ace18c0993e309e56ace86661a14f0c1e11c1103013df2c43e992bdd2d58c3e8

    Score
    1/10
