General

  • Target

    69fbc6a70b315d827c524bea4b899c44_JaffaCakes118

  • Size

    574KB

  • Sample

    240523-gvqlbsfh75

  • MD5

    69fbc6a70b315d827c524bea4b899c44

  • SHA1

    38ea7bae684864714599fb0d1e7f702967c5a35a

  • SHA256

    fb07fb7cb7b15ecb86920b74be2ec2b955ae356b464baa7415a7f257b0c02e98

  • SHA512

    9ad9c936bf869c30b2b0ecda4f362dbc43647ab6c9c0a8ed6a7ce12e7c42e6281340d93262a01c9ceb55765c05ea6ee043104ce9f178e3185c1fed3f18efa043

  • SSDEEP

    12288:6OB1TEjQo/2aEZLGr78fkQ9CKn0yF8SjKzYiLX05yIp4qrh8djKQru:6OvTMQoOvQ8fkGlRGLo4u8d/u

Score
6/10

Targets

    • Target

      Backdoor.MSIL.Tyupkin.a.ViR

    • Size

      116KB

    • MD5

      af945758905e0615a10fe23070998b9b

    • SHA1

      0c3e6c1d4873416dec94c16e97163746d580603d

    • SHA256

      b670fe2d803705f811b5a0c9e69ccfec3a6c3a31cfd42a30d9e8902af7b9ed80

    • SHA512

      4d5cab85f291cf81e94202a3fc1e2aa7b78e442aea8b63c17260e67b4b7264c699e3955780601a6248c26ebc4ec4920975b7f6cd593b0fe4487990e66abe5cb6

    • SSDEEP

      3072:ElXOXRZug79trFkfjBsS4ImRuCdtId2kf7eyg91WBuCdEkOrSmUCqQelwkqsJfeZ:EcZLFkfjBsS4ImRuCdtId2kf7eyg91W+

    Score
    1/10
    • Target

      Backdoor.MSIL.Tyupkin.c.ViR

    • Size

      116KB

    • MD5

      700e91a24f5cadd0cb7507f0d0077b26

    • SHA1

      bfa9791ccc407819907b9d38341dd6d50b663e55

    • SHA256

      16166533c69f2f04110e8b8e9cc45ed2aeaf7850fa68845c64d92ff907dd44f0

    • SHA512

      b87ef6a9ef2f4bd53bea292ca0bbab4e9d434e51fcae91f8df9947a87efa1c05e3b78a246b7fb3f38cac504ef47c6e811483ac9dc417b8dbbc9fde42dc30051f

    • SSDEEP

      3072:B77jEZKhCCyFcUjisS4ImRuCdtId2kf7eyg91WBuCdEkOrSmUCqQelwkqsJfee72:WZlFcUjisS4ImRuCdtId2kf7eyg91WBC

    Score
    1/10
    • Target

      Backdoor.Win32.Tyupkin.c2.ViR

    • Size

      120KB

    • MD5

      162ad6dbd50f3be407f49f65b938512a

    • SHA1

      535f24c37102387fb3dd7869523aedb1805f3733

    • SHA256

      8bb5c766de0a73dc0eff7c9fce086565b6220465185e258c21c5b9dfb0bef51d

    • SHA512

      7eab46b95e2c23d9c70434457d8e10a9bcf963120e0db6d96cddf55eca96193daf805fcc452d8edaa16cddbc351879f1666e9755133e440b29d440d4a1c9fe74

    • SSDEEP

      3072:wohsZ6lLPlFKUjWsS4ImRuCdtId2kf7eyg91WBuCdEkOrSmUCqQelwkqsJfee7WJ:IZ8tFKUjWsS4ImRuCdtId2kf7eyg91Wk

    Score
    1/10
    • Target

      Backdoor.Win32.Tyupkin.d.ViR

    • Size

      184KB

    • MD5

      69be938abe7f28615d933d5ce155057c

    • SHA1

      bd8ab63f2544ca55858b6407e0b52d5494cf3715

    • SHA256

      853fb4e85d8b0ad7c156ad6d3fc4b0340c8b29fa0548a3df758e7845ba8b23ae

    • SHA512

      2525fa3db19585a230bfa9f0fbf783f5839ab677a7ff53b96220619c6f4f7900a9b29812ecfcb9703b7c2b773867a6e9fea139f5e9e3afda8055ad16ccbcb91b

    • SSDEEP

      3072:GvQSUBFYQ4J5HfQxicwjVptcU6ewrum4kNNY3kgEt+h:IQuHIxicwjVptcU6ewrum4a6kgjh

    Score
    1/10
    • Target

      Backdoor.Win32.Tyupkin.h.exe.ViR

    • Size

      120KB

    • MD5

      250b77dfbb1b666e95b3bcda082de287

    • SHA1

      5a699a8f64046d3d7fb5014d0242c159a04b8eed

    • SHA256

      3639e8cc463922b427ea20dce8f237c0c0e82aa51d2502c48662e60fb405f677

    • SHA512

      1bcc273ab504729928953c4d036286194a2ab3abb8ca9afe648cf01bce8895154308f9cbeb2b925196aa87f8e7821e40c3560e1d7703da3852ef7457e817218d

    • SSDEEP

      3072:cAVBCZJlDSFqUjJsS4ImRuCdtId2kf7eyg91WBuCdEkOrSmUCqQelwkqsJfee7Wy:eZJAFqUjJsS4ImRuCdtId2kf7eyg91W3

    Score
    1/10
    • Target

      SDK320.msi

    • Size

      457KB

    • MD5

      32d5cca418b81e002bb3fdd8e4062bc9

    • SHA1

      798d6d8adb449de0a3903af062c8edd8e401c2e4

    • SHA256

      6303ee28660f9d8bff4a494f96d681a2cebc72e5abc1ac3b0fdebcddbb7e0b8d

    • SHA512

      8321b57b238076b88277e7f7bf38711ff854bf92ef25916c0985c6d7f152b7d566ab27b09be550a4cc235aa335f6ce2eda95b07911c21af07a9148212df5c33e

    • SSDEEP

      6144:RmWfO38XsmuHi8LGK3s+3XN8s5nChu76Gdu8hPt4hAVxNB+j25p2rT:c/38XnQPLGKc+nN8sMuddTPOh0xaj

    Score
    6/10
    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
