Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

79e9dd35ae...er.jar

windows7-x64

10

79e9dd35ae...er.jar

windows10-2004-x64

10

B2856B11FF...er.jar

windows7-x64

8

B2856B11FF...er.jar

windows10-2004-x64

8

DB46ADCFAE...ce.jar

windows7-x64

8

DB46ADCFAE...ce.jar

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    94e05c5774a48a39bf345ffd54dc3e65_JaffaCakes118

  • Size

    298KB

  • Sample

    240604-pwx1ssgc31

  • MD5

    94e05c5774a48a39bf345ffd54dc3e65

  • SHA1

    90f94c619fd816f563cd3a0ebc5eb659eace6a5f

  • SHA256

    dc21d272f9c15d8fefa8d57e639b046c92ddb967e7b54ff2f559ebec6de1e92e

  • SHA512

    1d3d5b525294b4e990d5e734739752f269303fb06e5189f21b7b2d21e00da34d03901013f8279f439176025ec5a19aefa469979956ef1164c2d8b13a08266d7a

  • SSDEEP

    6144:QU0M4oxhV5SV/ny5ocFN71ru/4k2ie2vLn0F0Q5qQDVni0c5ef:QG4GwNyPNxrHgvLnW0OfSG

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      79e9dd35aef6558461c4b93cd0c55b76_Purchase Order.jar

    • Size

      123KB

    • MD5

      79e9dd35aef6558461c4b93cd0c55b76

    • SHA1

      09c6b30b7ff918d54ee6db72bf1bc41b5d6f1ca1

    • SHA256

      53ab4883cc1e84f1f1732bb2fdb97358490b9134156eedc516d6dde6b97018ba

    • SHA512

      61b4121768900bd8a6a5c056f02b7d0f34d6fd2124742f80b9b80e028dbd679d961cf24a1d36c460d69b90034a107fee89fb8cf30b280265c96bd4bf38e838c0

    • SSDEEP

      1536:XDBcxrH8YRt1mYuFGTU1Mep4fKz6stVwG/JLWOOpXILt4vhwJ+/aW6Ef2u3jx0OF:zCRjKFGTMpOKzJtVRRLWO/4OW1XdJPB

    Score
    10/10
    evasionpersistencetrojandiscovery

    • UAC bypass

      evasiontrojan

    • Disables Task Manager via registry modification

      evasion

    • Disables use of System Restore points

      evasion

    • Sets file execution options in registry

      persistence

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence

    • Drops desktop.ini file(s)

    behavioral1behavioral2

    • Target

      B2856B11FF23D35DA2C9C906C61781BA_purchaseorder.jar

    • Size

      47KB

    • MD5

      b2856b11ff23d35da2c9c906c61781ba

    • SHA1

      fcce5d47e80051f617291c7f0fe53e5f3249f56c

    • SHA256

      75ff23be22ed5a003fde654d37d1b423e6353ea2e58adfcb8405a18dcbc951f6

    • SHA512

      b486c3aaffa312d53194238213f2e460281eff4cddaff22f8830654398c9b3abd3ebf8cd6a3452bbd3201f3a1db2222f071c07dfc4d65fa357d989db45b7b554

    • SSDEEP

      768:7nnfQxxfmEp1g/mSIdgVAhJw5UYIFqRTyNaFU1Gfo8XFJkFoesEVyY75+:83mEEeZdgtCYGJ0ouLkFoebo

    Score
    8/10
    evasionpersistencediscovery

    • Sets file execution options in registry

      persistence

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence

    • Drops desktop.ini file(s)

    behavioral3behavioral4

    • Target

      DB46ADCFAE462E7C475C171FBE66DF82_paymentadvice.jar

    • Size

      128KB

    • MD5

      db46adcfae462e7c475c171fbe66df82

    • SHA1

      2b43211053d00147b2cb9847843911c771fd3db4

    • SHA256

      02d1e6dd2f3eecf809d8cd43b5b49aa76c6f322cf4776d7b190676c5f12d6b45

    • SHA512

      25beab216af2dd7ff9fe4db6a7a4b1246ee225ef9ab48af2873bf5076b8b22ba2c75224592e6b34bddfbb8718a754ffd7c63db6167ef1992b04db143c58e377b

    • SSDEEP

      3072:VR/6ZQvChcDfJNBOFJKMRXcCqfrCUMBpXOg84WoUeonNTFN:LdvCGJN0FJ1RXcgBpXOjOjSNTFN

    Score
    8/10
    evasionpersistencediscovery

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence

    • Drops desktop.ini file(s)

    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks