Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

17f57b49b1...18.exe

windows7-x64

3

17f57b49b1...18.exe

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

$PLUGINSDI...lp.dll

windows7-x64

1

$PLUGINSDI...lp.dll

windows10-2004-x64

1

$PLUGINSDI...ce.dll

windows7-x64

1

$PLUGINSDI...ce.dll

windows10-2004-x64

1

$PLUGINSDIR/Setup.dll

windows7-x64

1

$PLUGINSDIR/Setup.dll

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

bin/11.0.2...SA.exe

windows7-x64

6

bin/11.0.2...SA.exe

windows10-2004-x64

6

bin/11.0.2...AX.dll

windows7-x64

1

bin/11.0.2...AX.dll

windows10-2004-x64

1

bin/11.0.2...ok.dll

windows7-x64

1

bin/11.0.2...ok.dll

windows10-2004-x64

1

bin/11.0.2...lp.dll

windows7-x64

1

bin/11.0.2...lp.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    17f57b49b15ef5c137f61183af819d98_JaffaCakes118

  • Size

    545KB

  • Sample

    240627-3ljx3s1epp

  • MD5

    17f57b49b15ef5c137f61183af819d98

  • SHA1

    3352d903e18d8463ebc8b0c08db5d24897b6098b

  • SHA256

    c71680c74cf84be6c4af31a16548ee1835f23c6e5e1d56668dac800137ad0b88

  • SHA512

    33af14b7b3bc9ebee7e041cdb9a912937105ee272df8e81896b682956614a1919a703062e1feab4b6d2a8c7605a4fca8d70af225659b546361083876c21781ff

  • SSDEEP

    12288:NlmtMo0Bz9iY8VWRCeZuvW+x9oLuf1J+5QMRblpD5ohj:zo0BKWRCyL+x9oKf1JqQMJlpDG

Score
6/10

Malware Config

Targets

    • Target

      17f57b49b15ef5c137f61183af819d98_JaffaCakes118

    • Size

      545KB

    • MD5

      17f57b49b15ef5c137f61183af819d98

    • SHA1

      3352d903e18d8463ebc8b0c08db5d24897b6098b

    • SHA256

      c71680c74cf84be6c4af31a16548ee1835f23c6e5e1d56668dac800137ad0b88

    • SHA512

      33af14b7b3bc9ebee7e041cdb9a912937105ee272df8e81896b682956614a1919a703062e1feab4b6d2a8c7605a4fca8d70af225659b546361083876c21781ff

    • SSDEEP

      12288:NlmtMo0Bz9iY8VWRCeZuvW+x9oLuf1J+5QMRblpD5ohj:zo0BKWRCyL+x9oKf1JqQMJlpDG

    Score
    3/10
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/Install.dll

    • Size

      237KB

    • MD5

      b193971d6d8885e05418c0730a0e21f8

    • SHA1

      7f3333c30cd2ea7a4223525776e1d74f74640d9d

    • SHA256

      2c4b83ba9afb7ee68de7c25fbf6627d312c4128f3078d09a67a5ce2981c3bc41

    • SHA512

      99fcba6a4d0503a5018a6d7adaa138a741063365d2dab4b240448d6d759f4264f0453f405fb691bbd7248eae4ff4a3b3b6e0672dabe429e4a00570af22d66dcf

    • SSDEEP

      3072:Udx1dB2+CCJJKRDi/bUnJXWZr0ge1GbPelZlXs6QmtiPZVF5l06UzIPe:Udx9JJFbeWLPelpdUZViI2

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/LaunchHelp.dll

    • Size

      61KB

    • MD5

      2877e64cb1e195b36ac398b14b673b66

    • SHA1

      418cd5728e01554f4f3def01c50f0e63347b45b4

    • SHA256

      8240c3f0e43695f32a6ad969dc0dbd12721c697e66056d104bd4a265284bf85b

    • SHA512

      7fe87828f011229271c774cddd2bc9b3814a53451a5a2440ef9369032792c5b1a66578ad5547c5ec43c56d06049ff8455770d2a8957f0a3ceecdff59f9757dc2

    • SSDEEP

      768:TnBXbBAirLK4lnwD8R/t2Ymim5Tx54uhLibcy/Y:DZPdwDIVr05Vh+cyQ

    Score
    1/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/Resource.dll

    • Size

      197KB

    • MD5

      e651de347cd20c882a8c026151f70786

    • SHA1

      96a64c71ff035ba541197879e1e2a6582391035b

    • SHA256

      92e7927def8e11331e67a3ee2d951cfbfab341db4b31b4bc486270aa96762c0a

    • SHA512

      f8e6ef00e510292438e1ae7510849a542453e749337d29a22c497b5fcb3252a28e09ac721f4e38969151ca259e4bcec1ca996f9549408e4ec69b3f533b1649ee

    • SSDEEP

      3072:1lH6No1BHfNQThVy5mUZVG5JkVIM9OKrUC7R2:1laNLlVIlyM9OKQI2

    Score
    1/10
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/Setup.dll

    • Size

      97KB

    • MD5

      d3d75ec4578085c3c9d1abcfad692b4c

    • SHA1

      56f9903cc6e103b136635b62081207626fe1b9e3

    • SHA256

      996c276cc47c0361ebcd9d560e677c7b9cef7085c983de09aeed5199240254c6

    • SHA512

      afd6a493b766a233d55ea48710c1819786fbd410f0e791502be1f38c8c77e6efeedd497f58e89af8dd92ad1fca58586ec55f74f0fd812cd45799d6b3755d5e6c

    • SSDEEP

      1536:z8F1jkZ6MGOH8dJi367wDt0YCWylSvN3MIlXbzkMev5WB/E4+ch:YmN36xKZbG5WBv

    Score
    1/10
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/System.dll

    • Size

      10KB

    • MD5

      05e52213cfa17dee760186462a9645ed

    • SHA1

      f6d5e82080bbba65db7d54e89250c95af833aae3

    • SHA256

      d9d3ffa4c7d7a152f435f4777e72aa1b6a6c0555f277e59eedebc587c3b66ba5

    • SHA512

      586eea0bec6345b437667ce528bc2396427dd444a396456e38046a8962e92a52e7ee62b9f6c97f41bc1fb4a1b3905a302d6f7055e26b84e60709ba3b416ad172

    • SSDEEP

      192:GOShJI/rmOAIPkWpUybQ9WhP4t5Rwc89XbubZav5:X6OAOkWWycGP4XRwc2qFav5

    Score
    3/10
    behavioral11behavioral12

    • Target

      $PLUGINSDIR/inetc.dll

    • Size

      72KB

    • MD5

      db6fa5497746c30f657d4f5273d4cf9d

    • SHA1

      097b939914f2f12f5cfb7648359d0c6d95deb0ae

    • SHA256

      c7d9989d927b4e0622983bb1fabe26d0c8a45c217b93f837e1855af76edb040a

    • SHA512

      75d19d6161ac4648855b197ff02e326bd4b751e00e3ebbbb054124af50f89827c0f7676ed7ef6f8613f0027e999720229e2ebac28f156e57993d83bc7f318558

    • SSDEEP

      768:wMWMshg75NF64QY04Xod0YmS4uYjHIyUg5luHT3W/Ipz6BTpeRpl/i5kUykfIq:washg44k44mnjHIigHTW/Ip0TpMy5/

    Score
    3/10
    behavioral13behavioral14

    • Target

      bin/11.0.264.0/HBLiteSA.exe

    • Size

      751KB

    • MD5

      0c1dfcd68614aeaacb8c873e7f1a4553

    • SHA1

      d48e3b35f757ec954fc47e28dcdfb5f27a625771

    • SHA256

      47a3a5ff3188250f893ea70a9bc8922cead134519112b1ce618b2bdbd7bcb0d7

    • SHA512

      ebf9180fbf659b6999d89ba6469d7f0458acde811d9d095d4dacb3b31f7ad2d92db1a0916a2953daf4e7c8fb3f34adae5726dc3cb08a960a5118272ed8fe0449

    • SSDEEP

      12288:Cf9MQa5PJzYsFZH3M2neeHpziD5ZByjQXiG58T/JxZ:C+Q4PJ5FZH5neeHpzi3ByQiusxj

    Score
    6/10

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral15behavioral16

    • Target

      bin/11.0.264.0/HBLiteSAAX.dll

    • Size

      309KB

    • MD5

      43530c2e30be20a560db358c5e6d2e29

    • SHA1

      48ec5c16fc5fbf4f50cb23dd6830bb7a78d3681b

    • SHA256

      21d984e9f8acdd6f51bccd464efe2c956ca406fc751ae0ff776cf11702d9ef92

    • SHA512

      515758e6445a257c576d53281e960415b46c0ebf66cb81998b927e270a5a296b3dae52ef57ff98204fc55b6c41dba6d12d2e5e9b61030a447479b647fe59bcbf

    • SSDEEP

      3072:YhwUll8wD9DPh8wfQCFFWQLNg8WqcrDXB2pAGxC4KKgFUizTjmI/+K63xiRSC5PW:YlBN9Wq2XkpASC7vOxipNWj

    Score
    1/10
    behavioral17behavioral18

    • Target

      bin/11.0.264.0/HBLiteSAHook.dll

    • Size

      146KB

    • MD5

      7c7c8ccde8dbf3e9e7f314cfc25abe35

    • SHA1

      b8f5d388048b34b6224365e1c042614889456703

    • SHA256

      8a0e3d03f170648adca6f058ed026c3e890717a2d7b93969b0ea622bfa3aa038

    • SHA512

      42965f0a45fd198b434a7f7add7b392ef647a349bb564f7ed0f4d7f55e0457c631c9ffd610c5de71d4abbd640756fd3ed02d2984764436e57baae8d7f8081487

    • SSDEEP

      3072:Yxqe+1qMaH458Y22yBdtUiIBKSk05J5X/a:YDtrPiNV/a

    Score
    1/10
    behavioral19behavioral20

    • Target

      bin/11.0.264.0/LaunchHelp.dll

    • Size

      61KB

    • MD5

      2877e64cb1e195b36ac398b14b673b66

    • SHA1

      418cd5728e01554f4f3def01c50f0e63347b45b4

    • SHA256

      8240c3f0e43695f32a6ad969dc0dbd12721c697e66056d104bd4a265284bf85b

    • SHA512

      7fe87828f011229271c774cddd2bc9b3814a53451a5a2440ef9369032792c5b1a66578ad5547c5ec43c56d06049ff8455770d2a8957f0a3ceecdff59f9757dc2

    • SSDEEP

      768:TnBXbBAirLK4lnwD8R/t2Ymim5Tx54uhLibcy/Y:DZPdwDIVr05Vh+cyQ

    Score
    1/10
    behavioral21behavioral22

MITRE ATT&CK Enterprise v15

Tasks