Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2e73da0e87...18.exe

windows7-x64

7

2e73da0e87...18.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2e73da0e871dca3c0a8360474f8a5e2b_JaffaCakes118

  • Size

    204KB

  • Sample

    240709-bbdjrsxgmn

  • MD5

    2e73da0e871dca3c0a8360474f8a5e2b

  • SHA1

    652c2cb7318fc2b49a6ff17c8a099c33c32e01f7

  • SHA256

    3383c78a3caacae4f82381f0d83ad26eea1e1be5b04613338e7455687393354b

  • SHA512

    5f9a4528028ab2492f3fceb0b3178f4d76f2e2959d9f3b81ffcd24b7ffee694252b41c4755287e3d0f3848fe21a9536dc636e6bc00440b998eb1a72e77de1a6b

  • SSDEEP

    3072:+bI7pSg/D41XJnM2QawEi7ExnD/OveIxPL904OU2Xkce57WiiYTnd:4NSD+pM2OEjxnD/OGIxxn0XcWit

Score
7/10

Malware Config

Targets

    • Target

      2e73da0e871dca3c0a8360474f8a5e2b_JaffaCakes118

    • Size

      204KB

    • MD5

      2e73da0e871dca3c0a8360474f8a5e2b

    • SHA1

      652c2cb7318fc2b49a6ff17c8a099c33c32e01f7

    • SHA256

      3383c78a3caacae4f82381f0d83ad26eea1e1be5b04613338e7455687393354b

    • SHA512

      5f9a4528028ab2492f3fceb0b3178f4d76f2e2959d9f3b81ffcd24b7ffee694252b41c4755287e3d0f3848fe21a9536dc636e6bc00440b998eb1a72e77de1a6b

    • SSDEEP

      3072:+bI7pSg/D41XJnM2QawEi7ExnD/OveIxPL904OU2Xkce57WiiYTnd:4NSD+pM2OEjxnD/OGIxxn0XcWit

    Score
    7/10

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/ExtractDLL.dll

    • Size

      9KB

    • MD5

      d4f87d459a8a538c1d9dd7c12b48a2b0

    • SHA1

      846c6bb0cffa9f385685e5d0556cd90143e7e42b

    • SHA256

      b0a3af70b0d2fe402bd73c04206e8405df1972d664454f3572dd5759141a5b6f

    • SHA512

      351227caeb6dbcdbe3afe720a1fe8fb4a2c413851796e0b47b4b31a927a3ab6efc9eb9cbc025695c85400a3db8a77488bc8dc75e24162425b1845abff305238f

    • SSDEEP

      192:pUnA1CDX+0qxMQBCoZK0CibsJsJ0sMzV9VopTH:pUA1CDXixfCXG

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      eca460272800136da217dff3c8953df0

    • SHA1

      64e9ec022913d66b58ab5a8dbbfe7dd35d077824

    • SHA256

      fd74339ffd5a66781a333005f065a3978ca7916cc56e73ec9598262c72a33ff8

    • SHA512

      f92ccca98551fde68db761f58ac36e76319dde137dd0cff80f0f67f473412000ffba774074416e6907049c6b4c71ccbc853c33f4e489ba2b4f50badc2739b747

    • SSDEEP

      192:pKB8TmFxyTQdQbg9FkGuz9lhDGO8Fw+pzfVHAZT2K72dwF7dBG0XK:a8Tmr5dYQFkGUlqbpzfiT2+BG

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      42a4d62f1d35922e1501775ce14f0d33

    • SHA1

      ba4b4c0229c598d05c32075c9d0d72b97e623b89

    • SHA256

      7535496fa53b0da966413ef2f7b56d7c9ddb0d5a1fa52d85ecb13637b775b38b

    • SHA512

      4e2ede93378f8e671c75c933a33ddfe961c7aebb1bf13a0a44efd8b737646e0e9405c8addd6f58970ff8363c6fa92869e39a6559ae3becf4c2e58187ee7c4a24

    • SSDEEP

      192:UpM3f5sTMzoU7Fs0+/tcDm0tzailQvzwTaoxs+/rH6hqCeHtpflVp/12YgsTwp:UpM3xcMzRF4/Gv+H+D6hqblA0Twp

    Score
    3/10
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/System.dll

    • Size

      10KB

    • MD5

      9b40e5625f6f893a141f4df48ac0838f

    • SHA1

      97dcc3c09f441129d293629a0f0d8d64e56a172d

    • SHA256

      1b2e5f2e29366accc88c4d0a2127f986769d4ccb585621314647374afb518099

    • SHA512

      1d4ba3af8d0a827f4c313fb7c89de1132729f0f6bd8846ea14e5d272dbe5283b12fc3b51b49139fbbad775727e4f1a1a9a5aab40ea401f5fe300235d7cc8b3e7

    • SSDEEP

      96:OCCshwlpqUsYghN/9uvZ7CLWNCSiiVTQYBGVXRvuBDlSriklbuba1iLc+cELY4Rn:uzqUuh/uLCXIkYBGV9uVlSblbubba4l

    Score
    3/10
    behavioral10behavioral9

MITRE ATT&CK Enterprise v15

Tasks