Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

8a940b1ec4...18.exe

windows7-x64

3

8a940b1ec4...18.exe

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Accelerator.dll

windows7-x64

1

Accelerator.dll

windows10-2004-x64

1

Basicsurvey.exe

windows7-x64

1

Basicsurvey.exe

windows10-2004-x64

1

MouseHook.dll

windows7-x64

1

MouseHook.dll

windows10-2004-x64

1

Socks.dll

windows7-x64

1

Socks.dll

windows10-2004-x64

1

gamebox.exe

windows7-x64

6

gamebox.exe

windows10-2004-x64

6

tabGame.exe

windows7-x64

1

tabGame.exe

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...tn.dll

windows7-x64

3

$PLUGINSDI...tn.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8a940b1ec4f57d590e1ff230344a88bd_JaffaCakes118

  • Size

    2.0MB

  • Sample

    240601-qmyreadc9s

  • MD5

    8a940b1ec4f57d590e1ff230344a88bd

  • SHA1

    7ff077c2b5fbf499022e435207bdbda67c4cb446

  • SHA256

    5318739a0a7ac64d992edf27091adad9610a821c92f4a92793543b214d96a308

  • SHA512

    b38a41f4624cf850e97a00e49f7b8425a929504fffa59bc477faad3739fa4e0fcd2e44089cb2198467a26016670f444321b3a5bba2745c7937ded307f740b246

  • SSDEEP

    49152:2JXLBOvL5O7f+FMC0LW+TRxO82j1jEhf4YeS:2JXLcvL52+mfMbBjEhRL

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      8a940b1ec4f57d590e1ff230344a88bd_JaffaCakes118

    • Size

      2.0MB

    • MD5

      8a940b1ec4f57d590e1ff230344a88bd

    • SHA1

      7ff077c2b5fbf499022e435207bdbda67c4cb446

    • SHA256

      5318739a0a7ac64d992edf27091adad9610a821c92f4a92793543b214d96a308

    • SHA512

      b38a41f4624cf850e97a00e49f7b8425a929504fffa59bc477faad3739fa4e0fcd2e44089cb2198467a26016670f444321b3a5bba2745c7937ded307f740b246

    • SSDEEP

      49152:2JXLBOvL5O7f+FMC0LW+TRxO82j1jEhf4YeS:2JXLcvL52+mfMbBjEhRL

    Score
    3/10
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/FindProcDLL.dll

    • Size

      3KB

    • MD5

      8614c450637267afacad1645e23ba24a

    • SHA1

      e7b7b09b5bbc13e910aa36316d9cc5fc5d4dcdc2

    • SHA256

      0fa04f06a6de18d316832086891e9c23ae606d7784d5d5676385839b21ca2758

    • SHA512

      af46cd679097584ff9a1d894a729b6397f4b3af17dff3e6f07bef257bc7e48ffa341d82daf298616cd5df1450fc5ab7435cacb70f27302b6db193f01a9f8391b

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/KillProcDLL.dll

    • Size

      4KB

    • MD5

      99f345cf51b6c3c317d20a81acb11012

    • SHA1

      b3d0355f527c536ea14a8ff51741c8739d66f727

    • SHA256

      c2689ba1f66066afce85ca6457ecd36370be0fe351c58422e45efd0948655c93

    • SHA512

      937aa75be84a74f2be3b54dc80fac02c17dad1915d924ef82ab354d2a49bc773ee6d801203c52686113783a7c7ea0e8ed8e673ba696d6d3212f7006e291ed2ef

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    behavioral7behavioral8

    • Target

      Accelerator.dll

    • Size

      306KB

    • MD5

      1c639c9f01f04c2c4a576e718c12eaf6

    • SHA1

      79adbb97540ffe3123d95a52843894b4e866bd27

    • SHA256

      4894790776e23b49b317a0efd243aae79d41f6f678a8167201a3e5ef98f6bd71

    • SHA512

      d88f3a686623b3c06d7834d1dc8d5543a219379750634f254434069e69a18c3977183ae39341a3284bae325f53992a586ccd3a4462e99cd4302131fd431f48b2

    • SSDEEP

      6144:Q2GMn+qaIrAf4pd3DecSGUHmJYSJuXEj0j888888888888W88888888888k4Q:b3+yt8SYiuc0j888888888888W88888m

    Score
    1/10
    behavioral10behavioral9

    • Target

      Basicsurvey.exe

    • Size

      657KB

    • MD5

      786ac29a6c03e308ca3bac08828e8cd5

    • SHA1

      9aac3fc4330d540bca7c205faeb24b85ab83d87a

    • SHA256

      a2d0d552751d0488d1730649377670533598fe0d9ebef679d8e299220df85790

    • SHA512

      28856060d70ba8fba5e8a636b841f21378f48b248f23fe09be39cdd80e11aa9a158f505bf3330765d21e4132d9ba87c1afc4c2c11d910a1bb5c4087fb796dd84

    • SSDEEP

      12288:51dqgcBdNoHqyjsJxu+OeO+OeNhBBhhBBDDWtbC1QzRmsg6YolKETcJtt2k+w:51drcHaHqyjGxjWtdzJgvov20w

    Score
    1/10
    behavioral11behavioral12

    • Target

      MouseHook.dll

    • Size

      31KB

    • MD5

      4c98a0b4635b39f0b58d2452ed68cfc1

    • SHA1

      2cc99264344aad0ac62347298b609a963a8d9f06

    • SHA256

      9d4f32310d1d1c7361b3a6719e556ff04b951e5512800232ef6c3f51c3a17ace

    • SHA512

      3c5c0734d389ceb2b6818977b4291f037aafb27def54601717ba7c62d6c063d245675615b2d1771b50ec39b17ad22c2c735d1a4dba94bcb8e7d555e3dfc4507c

    • SSDEEP

      768:EHr98zW8XvCBcaxZupGai292OKcojTuerV:EL98zW8fCWa/m2OKcoBV

    Score
    1/10
    behavioral13behavioral14

    • Target

      Socks.dll

    • Size

      962KB

    • MD5

      3bc2105e80879d2e5149924fa7fa6407

    • SHA1

      cf6d37a0bc44558cc77a325221a42a104324897c

    • SHA256

      8761ea43760d35086d2807a4440ea25692b5d53b284c17dd58af506f5271dabe

    • SHA512

      41d7f79cf7b7b6aa3aa20b460cc0b04f8ad75f67963e2cac7e06690d574f4a914ce9cfd753e411591b22686bade0429b93f9cbf78025e0ee8a4e31199050a87a

    • SSDEEP

      12288:z1XBTCHIy1Q3qyST6FD6NRMtEwdaCy5+OeO+OeNhBBhhBBCtEUEkj5faXy3pG2gH:zJmhMtPECyhtjLfaiZpgTj

    Score
    1/10
    behavioral15behavioral16

    • Target

      gamebox.exe

    • Size

      2.4MB

    • MD5

      4558c36e4df1405ef56126b4af989032

    • SHA1

      3a4c7f5687f38343bb64dc5bf166a47bad834a64

    • SHA256

      736e05c713ddb370d3f9c4077bea7c10fc88ef0ea1ff6150dbf3e37420ac821e

    • SHA512

      169889670777224bcda076770adc51aba7abd9587ad4e16df1c66bd3853bed6adfddf056d2c952219db694a7f45aa8f7b3efac568f3bd81b265d6bd81c51c537

    • SSDEEP

      49152:PB0sUqHdNFjIC7iJi7zV4qJRDjbpnVTcFXH+xcJ+81+In9:PYYdNFv7iJi7zhNjb+XH+6

    Score
    6/10
    bootkitpersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral17behavioral18

    • Target

      tabGame.exe

    • Size

      1.1MB

    • MD5

      a5033f0598afc629fc3f546412ecf1d3

    • SHA1

      71adb162c39c1f40fa69c2b4f08470c0fdab3beb

    • SHA256

      957bde20943cc4389c5f973d22ea76fec89c175e009e6194fd83204d6ade3b5f

    • SHA512

      7a7e748a0c6db8ce4d55c56cf8803f9b5c54a176bc64080507d5f0cbd1c1fc612c746f8d55baae8f98d741f99fc57ee56072ed24cf4070098c2c1cfa3e62797d

    • SSDEEP

      24576:MiXPws4R4QeeTgLerLaMzONfvxiqGDXH+nPoi:ndQkULa9foqGDXH+nPoi

    Score
    1/10
    behavioral19behavioral20

    • Target

      uninst.exe

    • Size

      2.0MB

    • MD5

      a1f1a7f656916cf47867458b72f23393

    • SHA1

      495867c9e79be12f9e08c7a3736d4bc760a82532

    • SHA256

      aec4dcf83d1a3ff01f6f457ed5a200d8b719ac7f6fe132e48ac6bb31fa94202f

    • SHA512

      ff3dd4d91d66070e16f08e81682cb3627095de4ae03a1445d4eecb499ad5765d8bed0befaf0182db4c9e2929624e7bae94145596004c56808112d109ad0d4ac1

    • SSDEEP

      6144:3e34+vH+A2Q98lVxWEUtVOgHnh+Fhb8XFJo9huri/iuSDJxiG/UqM+SSG4DYz64W:cH+jQZG/izD9/RVDYz64Wj0fK1

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral21behavioral22

    • Target

      $PLUGINSDIR/BgWorker.dll

    • Size

      2KB

    • MD5

      33ec04738007e665059cf40bc0f0c22b

    • SHA1

      4196759a922e333d9b17bda5369f14c33cd5e3bc

    • SHA256

      50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be

    • SHA512

      2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef

    Score
    3/10
    behavioral23behavioral24

    • Target

      $PLUGINSDIR/FindProcDLL.dll

    • Size

      3KB

    • MD5

      8614c450637267afacad1645e23ba24a

    • SHA1

      e7b7b09b5bbc13e910aa36316d9cc5fc5d4dcdc2

    • SHA256

      0fa04f06a6de18d316832086891e9c23ae606d7784d5d5676385839b21ca2758

    • SHA512

      af46cd679097584ff9a1d894a729b6397f4b3af17dff3e6f07bef257bc7e48ffa341d82daf298616cd5df1450fc5ab7435cacb70f27302b6db193f01a9f8391b

    Score
    3/10
    behavioral25behavioral26

    • Target

      $PLUGINSDIR/KillProcDLL.dll

    • Size

      4KB

    • MD5

      99f345cf51b6c3c317d20a81acb11012

    • SHA1

      b3d0355f527c536ea14a8ff51741c8739d66f727

    • SHA256

      c2689ba1f66066afce85ca6457ecd36370be0fe351c58422e45efd0948655c93

    • SHA512

      937aa75be84a74f2be3b54dc80fac02c17dad1915d924ef82ab354d2a49bc773ee6d801203c52686113783a7c7ea0e8ed8e673ba696d6d3212f7006e291ed2ef

    Score
    3/10
    behavioral27behavioral28

    • Target

      $PLUGINSDIR/SkinBtn.dll

    • Size

      4KB

    • MD5

      e4ec95271ff1bcebab49bdfed6817a22

    • SHA1

      2c03e97f4773aea80ecdb98a1482e5896fe4677b

    • SHA256

      ee1c06692a757473737b0ebdef16f77b63afac864d0890022d905e4873737dd6

    • SHA512

      771a527133806307a1b17b7e956d6a3c16e9bc675bf084b43204ae784a057dac2726dbf90645692876043a4e7365ba8825c167621fde4760c79cd84679e2aa3d

    • SSDEEP

      48:iIf3aEDfeWm8JHFQbUrUPJJDFoetaxn/pFW3GNivz187eqzI/kMr8oX0Zbj:lv9Dfw8DQbhD2iaxn/PHmiNI/dQFZH

    Score
    3/10
    behavioral29behavioral30

    • Target

      $PLUGINSDIR/SkinProgress.dll

    • Size

      4KB

    • MD5

      cc037c4703d3ec257efeef2ce0a1a20e

    • SHA1

      b3d6cc8f687a31fb2c1a5921a38de9429af20502

    • SHA256

      888b32ecbc37ce67d4edc28d894cba0a4f4e2488cfc2212d1af011bd0bfe97ff

    • SHA512

      120bfa0a68775bef04c1863023b0e73a41982284fb36da7f497fbb7d5ed8631ad02fa09951424d339f6fefaa90a17c12f949dd68bb33bad64b1b7cace489d2a7

    Score
    3/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

Score
3/10

behavioral2

Score
3/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

bootkitpersistence
Score
6/10

behavioral18

bootkitpersistence
Score
6/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
7/10

behavioral22

Score
7/10

behavioral23

Score
3/10

behavioral24

Score
3/10

behavioral25

Score
3/10

behavioral26

Score
3/10

behavioral27

Score
3/10

behavioral28

Score
3/10

behavioral29

Score
3/10

behavioral30

Score
3/10

behavioral31

Score
3/10

behavioral32

Score
3/10