General

  • Target

    49b422470563a817972466667106b12e_JaffaCakes118

  • Size

    190KB

  • Sample

    240516-gp787afc74

  • MD5

    49b422470563a817972466667106b12e

  • SHA1

    0fe123206e9bebf0d52cf51c4fef9c4f07adfac5

  • SHA256

    110577d957889abb26d55891ca4b51e78cee9aa540fec542ae33142495f7ebe1

  • SHA512

    993fbfe5622fbcb4b2c9c6c07bc67a3bace67bc8fe45791ac2149484b846759daa361642bac94379250b327c71fb64e02b49777b2723283e70cd5fe95847f8e0

  • SSDEEP

    3072:HFXoDt6QAmP/NO4v4ZkxhJWu4zzb0D9u8mbQ9hVpSuAsqZ4ABp1vjAk2lm511SL:mAQnIaoYqu4zn0cAVvgekF4

Score
7/10
upx

Targets

    • Target

      49b422470563a817972466667106b12e_JaffaCakes118

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      21KB

    • MD5

      62cd3e9089314d24f0817c231dfa859f

    • SHA1

      907fc4cef9bf22b3814dcf1cd06fc2b3c3ec842e

    • SHA256

      93530c4c3cfa4a6c87671050a52eb673228a597e9052622e57bec02fec5328ce

    • SHA512

      ccbe4f18013fd1055ca575d15faec1773268404b5dd1af40de865b39bf18457ca8d9078d3d3932fffdcebb5e76a807adce39b1091bda897ca53d60c6798fd041

    • SSDEEP

      384:1DBI+2XKPdeyYTpLhDaSR61M01rP41WKSthVGBJwSAkBMyO:1K+2XsdeyMRhOSRAn1wWXKM

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      24KB

    • MD5

      e7143c9655d4d4a9efaa578748c6bc45

    • SHA1

      f8ac5c6ecf4847e1bbeafe021881a46e20f09e7c

    • SHA256

      5c25a47da05d6ec943baec00977aae4825fe06db370b765afc1a5d39670ccbe2

    • SHA512

      deadec14af2048188ae6c56cacec0fad9e9c86bbd352e664a999f2df8d0cef23575e6cc85bdfdc5105d69f5b0bdcca95a7b9f052f31676295ab6e3cae01cf8de

    • SSDEEP

      384:EjuFHgNpQsSBO9+N5qoNvRjEJMmG+cGSjOBhpVPY8cCBfbwdxc4:ZOkooN6JMmGU6OBhbajxp

    Score
    3/10
    • Target

      $PLUGINSDIR/inetc.dll

    • Size

      25KB

    • MD5

      29e2dcdfb57ee3ab5e2bbc2fc3c42f02

    • SHA1

      bd6cafcce5b70ee15311f9f53e9fd4aac819ccda

    • SHA256

      2b7a69e98ed4975fd4eade513cff17099c43b3eebe7e7641696d1d20e8e14b2f

    • SHA512

      f71c981b3b5308566b56156462d106ebf8e49a32e55b70891f9d70338941afd347cb4df374fe38b9b3d7309f63dd75a7c80ebe02bb8941d558cd638a6f8daf7a

    • SSDEEP

      384:ViY1+aFplLBSgN9afuzwZAEecpuB3NVeMUPOSya4fa0Ac9khYLMkIX0+GGxky8oO:ViY1+a3e1mwJKVSPO5a4fsO

    Score
    3/10
    • Target

      $PLUGINSDIR/license.rtf

    • Size

      1KB

    • MD5

      0f42839c33c22077dd0f4cf46c905869

    • SHA1

      d4471aeb47a6960a783753051964bdd6c79d09ce

    • SHA256

      6ebd1f89aee1eb294f19340989cf5d460fb106c4edb522d9873e422bba5655d7

    • SHA512

      cf155b3cb71bc294d156766d628526129c3c172ae25f156f7ce5d72b1ec7c46f27cd999ac62f96ebded1454cc5a3abffa54d815c6ca2413d2f88d82449acf8b9

    Score
    4/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      11KB

    • MD5

      66cfc94903c8cfa492fdab42bde2026d

    • SHA1

      d07194419d914eae5dc54a480ebddb0a8cb32f25

    • SHA256

      82e21860521feea4d15ff7f30538b9d0ed1860747c98549ec85217178a6db632

    • SHA512

      ecbc2c9361bef9332fe8e1675d11884c344b26f437eee9db3ec0b5999bf20e16b1d863c192e2091375a870cf8f4674deec16875ba56757b88cc859288305eeb7

    • SSDEEP

      192:mMmfEKSweFA9/H5aE3KRmQv295JrbQMH2klPdIobEEdTFdHg:OfEBwe+VH5avmQv29XrUMHVlPFEEdjHg

    Score
    3/10
    • Target

      $PLUGINSDIR/nsJSON.dll

    • Size

      7KB

    • MD5

      b9cd1b0fd3af89892348e5cc3108dce7

    • SHA1

      f7bc59bf631303facfc970c0da67a73568e1dca6

    • SHA256

      49b173504eb9cd07e42a3c4deb84c2cd3f3b49c7fb0858aee43ddfc64660e384

    • SHA512

      fdcbdd21b831a92ca686aab5b240f073a89a08588e42439564747cad9160d79cfa8e3c103b6b4f2917684c1a591880203b4303418b85bc040f9f00b6658b0c90

    • SSDEEP

      96:Zw8NZ0x0OOdzJt0TwYKj7W/NYDNd9fQ6blfW+KrWC69r7ncnrD6Qdm:6e/7vAmrHblfW3iCmDcru

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $PLUGINSDIR/nsRichEdit.dll

    • Size

      5KB

    • MD5

      02f1858b3131ffc3fc5e3a5391d3a489

    • SHA1

      454a6d749cf55ff990bd9f57941aca9d1f1674f6

    • SHA256

      f00bd6d3e7c7b8e8ad18b7dc6275fb80cc720fb164200a6506f50f6e66998b12

    • SHA512

      8147fa8014a5065f4fed7de1fbb9c2ee2c1b94d63596f7bbcf6821ecd41a73d25ebdfa1e71ca74d7598cba063042b6dfcaf050a23d0c855a7b6fbc94147ab41b

    • SSDEEP

      96:Z3CA+/dN6g2Aznq+1kaNar7ta6mKAJN0u4KOhB7lkZ3hBjB8wZ:Z3G/D26EaNar7QKzLdZkZX

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
