General
Target: 300b9b71f4c18473c9aeb5fbcdf2723a_JaffaCakes118
Size: 1.3MB
Sample: 240709-mqa8qssaje
MD5: 300b9b71f4c18473c9aeb5fbcdf2723a
SHA1: fdd5d2f000e0a6ae247e847ed1c488a88f746b69
SHA256: 98a86e2a6369127a961bf6f9b5836c4e938e7a30abe54e8a7da6d202ce8594f3
SHA512: abb5336c0348e2d5990a296760014c683d01585c768dee7880d378d77a78c16b9f6af3ec01ef89ef59511009079cd69e60f45f598278187d90a34ed15dadcf41
SSDEEP: 24576:RM8mTpmtfACC6kg6LiZMM1VV3LDNmBXSiaDTniYeg91MXN1YC5nlfPnPPPUd1EFJ:ImhACC7gzZMsoXravniY79a4+nlfPnPZ
Static task: static1

Behavioral tasks
Task         Sample                      Resource
behavioral1  KeyGen.exe                  win7-20240708-en
behavioral2  KeyGen.exe                  win10v2004-20240704-en
behavioral3  dfxInstall-JRiver-8349.exe  win7-20240708-en
behavioral4  dfxInstall-JRiver-8349.exe  win10v2004-20240704-en
behavioral5  安装说明.url                 win7-20240704-en
behavioral6  安装说明.url                 win10v2004-20240704-en
Malware Config

Targets

Target: KeyGen.exe
Size: 118KB
MD5: 56b3d8f989419301790cf46b27f8201b
SHA1: 6228f6e79352eb79bfc55e150015c3558ac05e9e
SHA256: f047f907201097a909a06c08727fbba516b595d423060992a9860f81becc4378
SHA512: 496e3ce49f7cd8c5e676804e2075f5cde41e0fc97bdb2ce7d302dce4b145f8406b580049edd0fb6693d8a0c4ff999b08724928356eb99eee7de4a7e7be88f91f
SSDEEP: 3072:60ATQv7MAiPnsCMjJTVxCAHUIiZ5jDosNlPK:60AEv7FesTjJRxCAHq5jDosPPK
Score: 1/10

Target: dfxInstall-JRiver-8349.exe
Size: 1.6MB
MD5: 8e5ba3bffb59f1b4399c911f4030c392
SHA1: eb20ebb81b21163b66c49b6b4bac70ff03ee70d0
SHA256: 2db0a5790654013033219b1d1942fbe936d2e238ae6171f809f3cc6d7644d1b7
SHA512: da0efd251302965f88022025284e36de2e2ba6298448736a535a237a843e4a568d5363b988883ee4edd3d2634c7c955eaa0171a19dcadb32bec968eb3853abd2
SSDEEP: 24576:KpZp6JguRntJqo/WDXA1PAMQDhq3F+TrQO3kIbgLgst84I1bTew3wjuNHhGr:Kt6JgqnDguAMQk+P3mLgsin1bpae2
Score: 7/10
Signatures:
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.

Target: 安装说明.url
Size: 260B
MD5: ed83e978f409fcebba2825b084f2c140
SHA1: 4548b5565354024dff5f387fa825fce7d11e67fe
SHA256: ac996e7c6b803289cbb4eb6cd62cc7e63dcd456aa18dd7fa88aed066b06218ac
SHA512: 2257a6118aac1a6368749357433e037798d1765dee71addb73fa3e98b27335bf7000786a0814d6a5b3a5f63eb25f13e49559da8e192f48dd230d1c344763a377
Score: 1/10