Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

KeyGen.exe

windows7-x64

1

KeyGen.exe

windows10-2004-x64

1

dfxInstall...49.exe

windows7-x64

7

dfxInstall...49.exe

windows10-2004-x64

7

安装说明.url

windows7-x64

1

安装说明.url

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    300b9b71f4c18473c9aeb5fbcdf2723a_JaffaCakes118

  • Size

    1.3MB

  • Sample

    240709-mqa8qssaje

  • MD5

    300b9b71f4c18473c9aeb5fbcdf2723a

  • SHA1

    fdd5d2f000e0a6ae247e847ed1c488a88f746b69

  • SHA256

    98a86e2a6369127a961bf6f9b5836c4e938e7a30abe54e8a7da6d202ce8594f3

  • SHA512

    abb5336c0348e2d5990a296760014c683d01585c768dee7880d378d77a78c16b9f6af3ec01ef89ef59511009079cd69e60f45f598278187d90a34ed15dadcf41

  • SSDEEP

    24576:RM8mTpmtfACC6kg6LiZMM1VV3LDNmBXSiaDTniYeg91MXN1YC5nlfPnPPPUd1EFJ:ImhACC7gzZMsoXravniY79a4+nlfPnPZ

Score
7/10

Malware Config

Targets

    • Target

      KeyGen.exe

    • Size

      118KB

    • MD5

      56b3d8f989419301790cf46b27f8201b

    • SHA1

      6228f6e79352eb79bfc55e150015c3558ac05e9e

    • SHA256

      f047f907201097a909a06c08727fbba516b595d423060992a9860f81becc4378

    • SHA512

      496e3ce49f7cd8c5e676804e2075f5cde41e0fc97bdb2ce7d302dce4b145f8406b580049edd0fb6693d8a0c4ff999b08724928356eb99eee7de4a7e7be88f91f

    • SSDEEP

      3072:60ATQv7MAiPnsCMjJTVxCAHUIiZ5jDosNlPK:60AEv7FesTjJRxCAHq5jDosPPK

    Score
    1/10
    behavioral1behavioral2

    • Target

      dfxInstall-JRiver-8349.exe

    • Size

      1.6MB

    • MD5

      8e5ba3bffb59f1b4399c911f4030c392

    • SHA1

      eb20ebb81b21163b66c49b6b4bac70ff03ee70d0

    • SHA256

      2db0a5790654013033219b1d1942fbe936d2e238ae6171f809f3cc6d7644d1b7

    • SHA512

      da0efd251302965f88022025284e36de2e2ba6298448736a535a237a843e4a568d5363b988883ee4edd3d2634c7c955eaa0171a19dcadb32bec968eb3853abd2

    • SSDEEP

      24576:KpZp6JguRntJqo/WDXA1PAMQDhq3F+TrQO3kIbgLgst84I1bTew3wjuNHhGr:Kt6JgqnDguAMQk+P3mLgsin1bpae2

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral3behavioral4

    • Target

      安装说明.url

    • Size

      260B

    • MD5

      ed83e978f409fcebba2825b084f2c140

    • SHA1

      4548b5565354024dff5f387fa825fce7d11e67fe

    • SHA256

      ac996e7c6b803289cbb4eb6cd62cc7e63dcd456aa18dd7fa88aed066b06218ac

    • SHA512

      2257a6118aac1a6368749357433e037798d1765dee71addb73fa3e98b27335bf7000786a0814d6a5b3a5f63eb25f13e49559da8e192f48dd230d1c344763a377

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks