Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

help.chm

windows7-x64

1

help.chm

windows10-2004-x64

1

lockfolder.exe

windows7-x64

7

lockfolder.exe

windows10-2004-x64

7

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3175fdc4ac981b0e45e3277ecc07250e_JaffaCakes118

  • Size

    1.7MB

  • Sample

    240709-wy7rcazclc

  • MD5

    3175fdc4ac981b0e45e3277ecc07250e

  • SHA1

    1bae158bddc0de48dfc1455ac4b5f8ee5f282047

  • SHA256

    3269287c1b809346c7b67dbb5466d3a33f026db667e1e3e184cfc12b4214ee02

  • SHA512

    f526bc9096184db70f59fd6b8811a9b256d97d95ff4d8817937d9fc374ac9509c310c10330a5ea1f9de7e7a6dc878776250a3cb9f945e1c3a13f99111290d738

  • SSDEEP

    49152:l2zBu3Qir+uctETA3OvYEwF38eN+vu09xY:l2Vu3TKdt+COvYaIUxY

Score
7/10
adwarebootkitpersistencestealerupx

Malware Config

Targets

    • Target

      help.chm

    • Size

      859KB

    • MD5

      84a10a7506d2e961a437ac8fe09fedf5

    • SHA1

      374612c5fb6ec5683306afaa03f4716fe92516db

    • SHA256

      3780fd81499ba111a80094f2eaed18c270c64d4f4ad3c4a2be6fc9ddd633b087

    • SHA512

      90ae4084c8b785d68c76e7a2a68522fd7533a5f5ceeaff5a1f091d43ff9e552a50d8ff55cf78120aa9ef7b7cc2c7561930e6239ea454442dd85ec627d12e881d

    • SSDEEP

      24576:RX1jh3hOsHxfqvJQ1BT4qhnRJiC0hgWhvLKSxgJBI:RFjh30sHgcF4qhnqDhgWhvLOPI

    Score
    1/10
    behavioral1behavioral2

    • Target

      lockfolder.exe

    • Size

      943KB

    • MD5

      6485f94e7623906927dbf2d80674d8fb

    • SHA1

      766ee84733a14d0715799c954b42887ee3d02366

    • SHA256

      4cf1567186a276ad04f7c63e2c726924f97b78314bcb28f6af810201ae182782

    • SHA512

      c73d2ebdc3f164c6be568dfb3d2d4d5277b968dcf97a0570d2b91c31eb22b0fb0ca61e81333866a86fda2539a6d39d9291386e4ab2b7d40ab29c41443650746c

    • SSDEEP

      24576:fxA3Z0z9d6/aqD1y62w0Wx/qkWYP4DpDzrrrpb/XKEqLBQI9mNl:fuZu9IpKoykWYP4DRwNQ4m

    Score
    7/10
    adwarebootkitpersistencestealerupx

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Drops file in System32 directory

    behavioral3behavioral4

    • Target

      新云软件.url

    • Size

      133B

    • MD5

      4f0017b3b346bd0626f0c3b915e6e734

    • SHA1

      823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92

    • SHA256

      df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678

    • SHA512

      0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks