General

  • Target

    251fd694cde765aab1acc900f7e3f5d6_JaffaCakes118

  • Size

    3.3MB

  • Sample

    240704-jdmt8a1aqr

  • MD5

    251fd694cde765aab1acc900f7e3f5d6

  • SHA1

    89b7420838373d6ec5985f2cd2603dad20f5184f

  • SHA256

    3cea23a0d9d9beac90a9840c0c44a9ee638ec376ab60621608b599f73387a236

  • SHA512

    7c47380dda0fec590f46a24181fa5208230f353bcb04fc89f3472e8941bebd7998eed1031a8feb631adc980f9a28dde04a867932b8610bbab46556a6f97e9c90

  • SSDEEP

    49152:8GPQ91PV3rFFjeeJ6j8Dwq81KDE33xxNpb/Nd5tCQ5UhQEhpd8pEOoLxvonbaUb6:8SEF1Z0h3x5nCd+AqbtbaUui3ppH8

Malware Config

Targets

    • Target

      251fd694cde765aab1acc900f7e3f5d6_JaffaCakes118

    • Size

      3.3MB

    • MD5

      251fd694cde765aab1acc900f7e3f5d6

    • SHA1

      89b7420838373d6ec5985f2cd2603dad20f5184f

    • SHA256

      3cea23a0d9d9beac90a9840c0c44a9ee638ec376ab60621608b599f73387a236

    • SHA512

      7c47380dda0fec590f46a24181fa5208230f353bcb04fc89f3472e8941bebd7998eed1031a8feb631adc980f9a28dde04a867932b8610bbab46556a6f97e9c90

    • SSDEEP

      49152:8GPQ91PV3rFFjeeJ6j8Dwq81KDE33xxNpb/Nd5tCQ5UhQEhpd8pEOoLxvonbaUb6:8SEF1Z0h3x5nCd+AqbtbaUui3ppH8

    Score
    7/10
    • Loads dropped DLL

    • Target

      $PLUGINSDIR/Banner.dll

    • Size

      477KB

    • MD5

      7a7127c1c951833b9b752b5b55aecd1c

    • SHA1

      86bdfd31cf14a831b89deb6852292ae012049a98

    • SHA256

      7b66a639beb9754776bdf123b0a389c83de2003c416fbd9d0488ab32e3f1f921

    • SHA512

      6b4631d294cdea1c76bfc2a7c9900364be7499e184eaf0be4cfcafe75c775ce057eb9940dcab85d97f6a75b4e29e8bde9c76d412366d9100623aaff69ba8f8b1

    • SSDEEP

      6144:F3qujs8hR5ycAT21eRBfE6LzA8zjZGeCD:u8RyRAeXfECA8zlG

    Score
    1/10
    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      a5f8399a743ab7f9c88c645c35b1ebb5

    • SHA1

      168f3c158913b0367bf79fa413357fbe97018191

    • SHA256

      dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9

    • SHA512

      824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977

    • SSDEEP

      192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    • Target

      $PLUGINSDIR/bundle.exe

    • Size

      1.4MB

    • MD5

      49a32310628c30cbaa72336cc8099ab0

    • SHA1

      a19d4faca995632c421eb03c64a51145f26ea259

    • SHA256

      b3b32999ef8e7a5484245edbb431c3849654947b5a854c66afa7a1e1a4ec752a

    • SHA512

      dd11731b4338bf879b73f8de7fee87d39955048b54daf7d07a4d2c41b391ddb912d40e3d84474c45bf2eb51001058bcc41cb5acc4ea630b9ff68b6a26df9cc6d

    • SSDEEP

      24576:N2sFAbLXk1hD2LY+5MPIvdNn44CdGkL12u58Vvp6rsB+3xCGUwaj6DQ671WmQks:TebuWYpwvo4KGi12g8Vvp8sBjGUvj68l

    Score
    3/10
    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      a5f8399a743ab7f9c88c645c35b1ebb5

    • SHA1

      168f3c158913b0367bf79fa413357fbe97018191

    • SHA256

      dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9

    • SHA512

      824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977

    • SSDEEP

      192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go

    Score
    3/10
    • Target

      yourface.exe

    • Size

      1.4MB

    • MD5

      2d1a8fe877c2c3a251d9b064438fa132

    • SHA1

      af6eed972b2c3d819c20b1cca83b91b1819fb4f5

    • SHA256

      c919043ac844a08523b83e22071824de50998307b11e719503d08cf2d532f847

    • SHA512

      86d57ba82c93a1dea122b993b9f735cbf080efc6ce8bdea76f4585edc39a936ca043c05123976c15d5a9edaa6a55d0888fbf6434f2fea5c2d4e9eae30434f24d

    • SSDEEP

      24576:GPOaKA8LjZ6hD2La+5mPIalInV/CpGkL7QB2BSAVv+6GsB93xXvAwsj6DQM71Wnw:Q8YWaDwae/oGi722QAVv+TsBDvArj68M

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    • Target

      MainInstaller.exe

    • Size

      531KB

    • MD5

      9ce448dcd7cf13dd950725957361bdff

    • SHA1

      5831ff31825ea82d90a2989e0fc0a33b859d5f97

    • SHA256

      3dbc5aff076ef9c86a90ad30e963581f7cb22f8e212aa38db29d82cf45b73f80

    • SHA512

      b4a175da3677cd3380cb3789f281f2afb10aa00dc9592217062d66eb9b5e73805886b692975d7244cdd439d8d5bcd0eb5810533284ba4b13ff02a20b792bf74f

    • SSDEEP

      12288:z/8Ze69hm2S17Y/bv9VXXLVS+n28L6OdBCZrrf3xSEowuj6ZQM7gMWZQkN:zihc17YpVE+PGsB03xSEowuj6ZQM71WD

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      PingMe.exe

    • Size

      7KB

    • MD5

      991cd458830ae2008be0c2d8e26c8bd0

    • SHA1

      d519a7ffd8360a47450e60b7d665e666d9df89bc

    • SHA256

      f2ecda9fb1b201d9a120c5906c6b0983205e4858ecea0065499841cf4047eb71

    • SHA512

      e45ce313823e43726418378920c367a4957b2806ee8070d0f4acf63fd1fa893577fbe91fc859c81bd8d6984ca1c0fe9ef0b32200c79106a3f7dcff0b8efdb4aa

    • SSDEEP

      96:GL1h5Q/B2JL1L5Ie79CCna2fLAyrLSc9Q0btWcmRXzNt:GRQ/EL1L5Ie9V5LAySc9Q0bw5RB

    Score
    1/10
    • Target

      Setup.exe

    • Size

      505KB

    • MD5

      5d8d0c08384ad73216d52a2eabc064f5

    • SHA1

      0fa5c77fd6b6323b926c9648679e063d1bbc8bcc

    • SHA256

      30522715240f4a05859099ac370dfb516097ab257402981c6a9ad31951f36cce

    • SHA512

      42a3003019e39622082506c7ae50d8a27e2920fdfdf15eb9a8dbf7f1dbd49a02cd0390dabd74c136ed44e9d8ba270540ce9390f31aa84c2fc9fdfcc9e912dd57

    • SSDEEP

      12288:6xPm2P17YJbq9VXMLVS+n78L6OdBRdrrf3xr5Uw1jcZQM7gMyZQU:6Jh17YYVV+YGsBH3xr5Uw1jcZQM71yZX

    Score
    7/10
    • Loads dropped DLL

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      325b008aec81e5aaa57096f05d4212b5

    • SHA1

      27a2d89747a20305b6518438eff5b9f57f7df5c3

    • SHA256

      c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    • SHA512

      18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

    • SSDEEP

      192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo

    Score
    3/10
    • Target

      $PLUGINSDIR/KillProc.dll

    • Size

      24KB

    • MD5

      6c2b245e89428fb917a5805815a4054e

    • SHA1

      5bcd987700dd761f02d2d1d024b8f20077985051

    • SHA256

      0558bbdfe61eefb680e8560a7d4b174447a9516098f9cd8b4c84bf1552cee5c5

    • SHA512

      ecb3fb77532d6ffa1ca08df05a6a86b18138356e63cb40edf68f97fc7fdf2e781a4ebeb1efdb9f13f947304312dd19ef5c4a78ddc60843f5f726cde69b2c57d4

    • SSDEEP

      384:DqIKV2NkzYqElRYhENOwN3uCyolsTMY29Goaz+QshqTPZHoErRZGAqcywHTswk4:D3KexROO3uCyow2/RA9VRZtBzLk5

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    • Target

      $PLUGINSDIR/nsProcess.dll

    • Size

      4KB

    • MD5

      faa7f034b38e729a983965c04cc70fc1

    • SHA1

      df8bda55b498976ea47d25d8a77539b049dab55e

    • SHA256

      579a034ff5ab9b732a318b1636c2902840f604e8e664f5b93c07a99253b3c9cf

    • SHA512

      7868f9b437fcf829ad993ff57995f58836ad578458994361c72ae1bf1dfb74022f9f9e948b48afd3361ed3426c4f85b4bb0d595e38ee278fee5c4425c4491dbf

    • SSDEEP

      48:iYXzAm8HGJLvwM8GJFd6I7W4JtT2bxNNAa4GsNf+CJ8aYqmtlKdgAtgma1QvtCSJ:lz2mJkpGR6GY74GQ1YqmstgGCtR

    Score
    3/10
    • Target

      2YourFace_Util.dll

    • Size

      50KB

    • MD5

      4cb05fd996f8c1d5142ec77f52b3eb93

    • SHA1

      0d8122bc7b4f4991201dbc3e7313c51f38b40493

    • SHA256

      c05a336d4fd4719ae002c3befc690f462c64930b50912a632441a88f85bec77a

    • SHA512

      9682d34093e3e8bde0b289d3690722a3e590d7d9cdd058debb122f3c997493d52034aeb36adcc64b52d4805171d4054c9bec87e46e1ec995c6089d4d40d3e3bb

    • SSDEEP

      768:eh2p6b6ezNEqyRo0Mhjww4EBYkkJnFjGUED3inLEjfOWU3soAdi:eh22bBcJk0fLgu38Q

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks

static1

upx
Score
7/10

behavioral1

Score
7/10

behavioral2

Score
7/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

adware discovery evasion spyware stealer trojan
Score
7/10

behavioral14

adware discovery evasion spyware stealer trojan
Score
7/10

behavioral15

Score
3/10

behavioral16

Score
3/10

behavioral17

Score
7/10

behavioral18

Score
7/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
7/10

behavioral22

Score
7/10

behavioral23

Score
3/10

behavioral24

Score
3/10

behavioral25

upx
Score
7/10

behavioral26

upx
Score
7/10

behavioral27

Score
3/10

behavioral28

Score
3/10

behavioral29

Score
3/10

behavioral30

Score
3/10

behavioral31

Score
3/10

behavioral32

Score
3/10
