Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

PersonMgrV...er.exe

windows7-x64

7

PersonMgrV...er.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PROGRAM_F...50.dll

windows7-x64

1

$PROGRAM_F...50.dll

windows10-2004-x64

1

$SYSDIR/MSCAL.dll

windows7-x64

1

$SYSDIR/MSCAL.dll

windows10-2004-x64

1

$SYSDIR/MSJET35.dll

windows7-x64

1

$SYSDIR/MSJET35.dll

windows10-2004-x64

1

$SYSDIR/mfc42.dll

windows7-x64

1

$SYSDIR/mfc42.dll

windows10-2004-x64

1

$SYSDIR/msvcrt.dll

windows7-x64

3

$SYSDIR/msvcrt.dll

windows10-2004-x64

3

PersonMgrV...ll.dll

windows7-x64

1

PersonMgrV...ll.dll

windows10-2004-x64

1

PersonMgrV...SN.dll

windows7-x64

3

PersonMgrV...SN.dll

windows10-2004-x64

3

PersonMgrV...gr.exe

windows7-x64

3

PersonMgrV...gr.exe

windows10-2004-x64

3

PersonMgrV...lp.chm

windows7-x64

1

PersonMgrV...lp.chm

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    38942e83d64940129e0b9c970385a8c5_JaffaCakes118

  • Size

    2.1MB

  • Sample

    240711-lhf9cazhjr

  • MD5

    38942e83d64940129e0b9c970385a8c5

  • SHA1

    6b4e1fe7e5324ae86c297eb28555fe39a6858dac

  • SHA256

    8be410717226b5e873c61a30d92a767c6c6492ce6358cd79b2a41cb23dba05cd

  • SHA512

    a5bbb220be8df199426167bf409f9b37ac0809e19462a70e72197091cc608d99d8c2d391464a65b40724dbfe8af20d1dda24b3caf916602b6c49e4af10c8f780

  • SSDEEP

    49152:vXdq9BbkmdhSi783eRRi+CT1s4E6pdfXHZHoLhdkZ2Ed9Y6RI7:v49B90i4OfFCxumd8/+47

Score
7/10

Malware Config

Targets

    • Target

      PersonMgrV108A/AdoRegister.exe

    • Size

      1.5MB

    • MD5

      4eb0b0a8ded3103d65409ee165e010a5

    • SHA1

      feb76dc637d4cf13b2f75af910d42ab1efacd45e

    • SHA256

      8248dca62305f93c7572855662359f2b2d1d59ebba38930f47d8d0d71a59c659

    • SHA512

      37500626b7216068356b90c4ed14e236e08824ce9514804183ddba2624ce549561468e4db4595ba63d8150e1db32351b74cbc2fc3af35338b7d99e1f574049be

    • SSDEEP

      24576:TLy/z1XBAAix4e6fRaF5nVnfdvo5kTqPC7oWwAFpsnKVyQSgZrm/IblMpuDxol+:8z1XOVqeOYVVnfdAPCyKVPSt4Msol+

    Score
    7/10

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      12KB

    • MD5

      1e8f2fefe3ce893b117b26948b8978cb

    • SHA1

      59cfc6c3f5716e91609e54ca80ae8b06c93ef8ab

    • SHA256

      8203ae1589a50e6ff012e5d27bdd4f8ed7506077ca9b052827f5e90aaeb98519

    • SHA512

      b3c36e1aa5d3ee5f482f4175a7d6fe10cf2bf3bd3423ab4266d11c4181cfbc7e3f66a30855034a8ec026a4d5987598f0116e98519b7445d9e5687bcbab2c0e5c

    • SSDEEP

      192:qzixixDOHhG9db9rd+oSVPECMlh3I8tqDyng7hwbbHF1QuCb:qOx0DOHqrdwTY6+ng72bbMum

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PROGRAM_FILES_COMMON/Microsoft Shared/DAO/Dao350.dll

    • Size

      556KB

    • MD5

      8888bdbd4e118d915d40a11748282bca

    • SHA1

      4e8822d2242d175cc3d708843e2cd71b7ee7033d

    • SHA256

      a4b20735be317a924d2e36707baaf911fbae890ca53c5044fb506f15d33bcb6d

    • SHA512

      a96f5e72905571de84f515dd8a19c87d5143ead532bf01f0132da8262974bfaf910f24b466d49cd4ee83845fc65f02c273a550786854aec3e0f4fa713929b562

    • SSDEEP

      6144:lO4zReIcAtVXrPsS3Syvqe4v2QeD8yCaDSCwBwAlvz6Bm2hf9QdHHtMMeOh4J7Wu:lO4zRe7AvBiyvqe4pe7wHlv1tO7VYFk

    Score
    1/10
    behavioral5behavioral6

    • Target

      $SYSDIR/MSCAL.OCX

    • Size

      90KB

    • MD5

      bbe7dec55ead082aa85d8f14d275b75e

    • SHA1

      d7e9b1aa8d7c3fd6e784a4d56be49c0ba67d97bb

    • SHA256

      2488078dd5ccf2d8d30941c28c1356196b71cae153191774ac2f1ad30be23c70

    • SHA512

      f2b71eef000d5ae4b76894bd5971d89105160f44bd52abb335c512e600c6ec7681f4a7d4096c26712fef5d9b4e209e52df914e049d67d00e3c7729ef0679ce5a

    • SSDEEP

      1536:5ouzxk/uHGTMGGt8RfFPeeUr0UG4oQ8Sle/es09DqvTLMTWsi9l:5oum/uCMGs8ZFPevoUG4oQnY09cTLMTy

    Score
    1/10
    behavioral7behavioral8

    • Target

      $SYSDIR/MSJET35.DLL

    • Size

      1.0MB

    • MD5

      2bcb3e39703a69b0235ad937c0e4b1ac

    • SHA1

      8a3a66c533f3e9361f698f280423dad4bfa7431b

    • SHA256

      91dc7e10f4f97c0046b4b91b04b5195b95f3f0fd36260fa6433ef2ef623cb0dc

    • SHA512

      500574ed6231d2354165052de53383190c7c187399991d3fb1ccb95709dc8cb795f4a9241d6da4f68f66ada5f1adc782786e6f2fd2a7a46252d0f9c599cefc03

    • SSDEEP

      24576:mTZtL5tRvRV0sjN+YBMxd/r3oc90orxuD6AmuqbdRM+92b:6LvHAYmxdj3codNAmnb/

    Score
    1/10
    behavioral10behavioral9

    • Target

      $SYSDIR/mfc42.dll

    • Size

      992KB

    • MD5

      e36a58868f19b7b23374946356b3fe4f

    • SHA1

      ee30af3baf6143474180ece33408ed72d6ff9f62

    • SHA256

      2c4879b97eba1d2cf9398d675e94091fca2ffb08325d2451c8be661bf671020a

    • SHA512

      2070650ffae2c10022a74f3f02afd3e85f3a4eab7075e1612acac854be1c6305a32d3899aa60abf01524f65beb97fff02042ee89b5eb9345551b42653a5a8206

    • SSDEEP

      12288:Uk3DdssfXqxXzJoE0YlkWBVKLSjMrZhFV7LZmdWHtxFUy78CtZxbJ4oa/Z59wdJA:UAXqcXRpZrpL8d0wivBaf9wnvTrGns+

    Score
    1/10
    behavioral11behavioral12

    • Target

      $SYSDIR/msvcrt.dll

    • Size

      280KB

    • MD5

      dc8b7481f2239317aac1d1ad5498030d

    • SHA1

      5ae6cd3efb3a4ffdeaec52099a96f1bade107978

    • SHA256

      0a38f3f641dda8f39d5a9e07cc2a09cca3d8e08f7d119d37a88bf1aa9602add3

    • SHA512

      0702402bcb4c23a63bd781c412c11fda7643f23bc3f744eda733fa66af8f82ea57f732bd18b54e3954f5b053a3af8a554d975e818009747441089cd6a3692344

    • SSDEEP

      6144:/zZ1SdxAjXExZf/6qxXkj8eWNB4ctFMgiFwNr7mcl2+LZdV:rZ1k2DExZqis8eg4GUzoL

    Score
    3/10
    behavioral13behavioral14

    • Target

      PersonMgrV108A/DspJpgDll.dll

    • Size

      24KB

    • MD5

      783830367b868d8c5f08b325f45918fa

    • SHA1

      ca93a0879bd5a07284d7a8f7ed6579cb241632ad

    • SHA256

      a3e22d0d4fa1cf1453cdc63fe06830065af7bdb1cd763ac6040d7e5752f079d3

    • SHA512

      17cb32cee18d6289f1fa5ff7e866944b4f02321dc13f9433578466389f15b9d7b37ae19d05a2f7c744e09042a96ba26c3ab9e6816450bf790d8ea1d65ab75dc4

    • SSDEEP

      96:ntNi1yv+djmIamykDgZAIwTDyUPayiSH6MWMQ6Li3ggu5Ax8EqnZnPo2LeX4U:ntN8+mykDgZA75ACazL3RoAxHqnZPzU

    Score
    1/10
    behavioral15behavioral16

    • Target

      PersonMgrV108A/GetIDESN.dll

    • Size

      24KB

    • MD5

      12d1d37c9f8f178b4fb0e93896343449

    • SHA1

      9e086495bf2fa61440c97e2ba6bf69d4c93e0aab

    • SHA256

      0e1cd361eec1462681da97a14a23bdc9280092d4fa4ad3cf42593c23c21c5e65

    • SHA512

      fe2fe83c39c30c58302cc75a22912db04384bb2723cb135e5cb64ff18539270ca9e90f42cd42dea8c3cfa70a96cc2c71d61ce8a5bbfdd864515a2d0dc0c4f914

    • SSDEEP

      96:2az0v0ZFVfNeEEEuTtlyUKiIBBJB2DIBBJBfOTFQu5bxnbYRJgi:7Q0ZFVFeEEEuBlUJBxJBfORQMxb

    Score
    3/10
    behavioral17behavioral18

    • Target

      PersonMgrV108A/PersonMgr.exe

    • Size

      176KB

    • MD5

      43a1922f49ebc97ad4ba44f52465845a

    • SHA1

      41600e6acb37342d0516ba31baade3afeff82d17

    • SHA256

      1b694e0c48c8f6a9c57266ea623f8c4a4169350512294cd0f7345ecf72ea8308

    • SHA512

      aacdc8e0edf420f1ad2e2ae1dadd4c85d62a759293a9cf0b36424d4f8d646584c417a9d3685be16c7f5872b629d9bb7666b74a6121eb28eaa5aa07da340d9892

    • SSDEEP

      3072:VCBJu8Mg/szgDywubOg6mF3AFryNubdaoGuxIG8wMiMkJWk4oyOu:KJ/aP7Z3eKubduuxIvMHy

    Score
    3/10
    behavioral19behavioral20

    • Target

      PersonMgrV108A/PersonMgrHelp.chm

    • Size

      579KB

    • MD5

      0acbe6c14c2cbb138847387465191fe1

    • SHA1

      1f38a2f81d9cb0894a94294b9f3b0f769961c01f

    • SHA256

      2078e317007bdd5dc56db39320fb767bcd454832cd7664af07ebc4841b594c68

    • SHA512

      0e6ece48d9651d2d036b22e6cfecc05b3eba68692a1cac979ca3d3ed15b72f4fb27240a2cbe4c71b2be4af65fb47d254bf35bf4e10f0b7151be1d7e959d7d18a

    • SSDEEP

      12288:ptHOmaNzs7uXVhHxFlsR/ZmczNWFVtHd56kvKgshnUukkVzOSQ:THtads7ultxHsR/ZmkNUtHn6kigsRWUI

    Score
    1/10
    behavioral21behavioral22

MITRE ATT&CK Enterprise v15

Tasks