General

  • Target

    395c8ea5f5dbf069b53d306cd9b03727_JaffaCakes118

  • Size

    3.6MB

  • Sample

    240711-qzyxyaydql

  • MD5

    395c8ea5f5dbf069b53d306cd9b03727

  • SHA1

    62a0d4527c7bd94e12b093a4ed08f702ff66c748

  • SHA256

    b6073a335b57ff3ba40ee7c74c5b429d135202cbbddd9c04564e542951049a8b

  • SHA512

    f14980fc8956795a0cfb789431874ea73a244d30d6101095730101072c9c1ddac0b799c29b6d36f0ce8562099e7b4404f4d60a671f2ab9e5cd54eddb87a0321d

  • SSDEEP

    98304:7IQyDO7KvHFdSC02xGh0oMbSWexz/04s14JzbA5dVoXp4ono:7DyDO7KvLSCJ8h0o2Sl1zqdqp4oo

Score
7/10

Malware Config

Targets

    • Target

      lkmn720.exe

    • Size

      3.6MB

    • MD5

      404ece6a558287207db9c7cc0b520327

    • SHA1

      d105136321f80f70487b8bf4b35f6e88e13b4588

    • SHA256

      20ec52540eadb58fc60e259eda7407de404e748139eb6f3a72e39e7c87bae797

    • SHA512

      887ff6e58cdf4a81d5623d06da67394682fa859280bf78ede580d62ed58ae247240167b5bb1b8f8bcacd4084fa1b92fbae680a128b511a849caef73fd9b71fbc

    • SSDEEP

      98304:dTfBWiLtQTvoVtNv4oRVfT0Qv3/z0GBOfo+n1sfj4wzpkM:drwiL+IRtVfT0gwGBYn1sfjrdkM

    Score
    7/10
    • Loads dropped DLL

    • Target

      $PLUGINSDIR/AdvSplash.dll

    • Size

      6KB

    • MD5

      820a1351ad064f75154b4f768b4d6fa4

    • SHA1

      00d47f11f88be17fa7c94cbf70e72c7f3b257dde

    • SHA256

      36e50c5f900e498b38bb42ea4b7cb14e5cb433807669e56e8c78d9921cf61270

    • SHA512

      9d28325b0df6ab4e469f787cdd9f3bee83a2c98a13c695aac61cee61301ebce84551babc1b7307efd28ca78768293884a39ae7cf3f1ad1f11215691add49528d

    • SSDEEP

      96:nQNyX2PtUZsMGe3SlFaqqhN51xWa5kkEkk/StCewookyc:nFXYtxWSf61vk/kkStCeRt

    Score
    3/10
    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      296a5f3179fa8d7a7a855eaf696ede44

    • SHA1

      57aa5b71553ed282dd22c768e039a187f5c13f63

    • SHA256

      ee0ad77e681c4d0fdf1d67df5f4ca03e6bdd8e3b05dfb47a83ad5c733ed62960

    • SHA512

      bc527d1485f468e8d098057e0e38e8cb7aa6eb64d4ca30927b99b1552a3177b132b989015ff95bdf2ca046bf11a54b4b456f51e024fbc734fbb548c3499e53f6

    • SSDEEP

      192:r6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTyK72dwF7dBdcQOz:r6JaVh4I5rpPbTy+BdhO

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      10KB

    • MD5

      86b5a07a43b7cbc5c49263b8d974b736

    • SHA1

      78388286a311810d812c13d87dea12d581713e60

    • SHA256

      5897fb00be38e502fb5dfd047d97e5e4da6387a7a6259633dc31c2427612901b

    • SHA512

      dcbe379c28302bb3472339cd24949b16548fa0003882a920df6839078cc7b2563f058a0524bf25df0a5ec8b08e302ebc9e646033109958669d8af883af959ffe

    • SSDEEP

      192:JO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1a+gMO:cKAFERdlxhGRYUzqZa+

    Score
    3/10
    • Target

      $PLUGINSDIR/nsProcess.dll

    • Size

      4KB

    • MD5

      a304fba25947dd17a81e74f8064a78d8

    • SHA1

      3c31b8351e1d2886cad5ff8f83fb2d5aed04750e

    • SHA256

      2a361dd5558a2ae21250144686eb8066e23a2ca1ece66c8a1cde56aa0191858a

    • SHA512

      8da9688b09bfd7408d69c77ca74531733fa162b509b05a20ce3980072a6fdff53b76e5cd41c44ff81f2556a3b4cc00417ba51fc2b2a4061a2e133629028e072b

    Score
    3/10
    • Target

      Linkman.chm

    • Size

      1.5MB

    • MD5

      ec707723c3356b8ac6eb02fc40c471d7

    • SHA1

      26cc71a3d9b045362a3f7f672222133cd0d71083

    • SHA256

      404292a0566ed408efea7620d187e7e98e6ae95c9eff26e7c4d2596abc879d5e

    • SHA512

      84e0e57d4bc49ce50a342f01554c2b1819fd191b3e660edbc198af229af6281b0ec50fbc48eb1818135ca06f9370a39428d238db9177a5a45720cb2971f13d0c

    • SSDEEP

      49152:C+UuQ0GaPPFCq8P1g6QmC1bjEAq2ZEXe1c:C+bTGUFX8dg3mC1bOsSKc

    Score
    1/10
    • Target

      Linkman.exe

    • Size

      1.0MB

    • MD5

      5ee87ebd71d6d2100f9a6f22598a3676

    • SHA1

      76539a18139dbc25d91e360c0ef957fae8ff8639

    • SHA256

      3614df1e4e8ac5197cd0219f5531af6f7635d4b01dc09d441081665dff74cc44

    • SHA512

      76e2b8ff34bccdcef00eb35559ee85b1194cae6cf019b877f249085553abafd59d2606a08316c76da2d662eaca0a101a0fc64a06535d6682474e1152b23fc3f6

    • SSDEEP

      24576:O1Oosdav7ORnnen9KxvkoznUYOB+nFYyxYmdjgMZeUH8:O1OoCayRnegxvRznpM+7y0gB

    Score
    7/10
    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      LinkmanCom.dll

    • Size

      329KB

    • MD5

      03a6aa502d4c9a2cf1ca89f4ee03915d

    • SHA1

      eb4624d7c984fd1c943af148eef575b4bb460414

    • SHA256

      380967b6e2f5d465738036510163878c399e37d18f63c6d5763616c4dac3a074

    • SHA512

      89714fe64ec246b31bb9fc71601f9cf1497fa5adc5cdc91b323cb8266732bdafbe50e09ddfc4777e94baea866826466ffb6b9342cee44e12e8c3c62072f400ec

    • SSDEEP

      6144:V8xeGQqa/AfzSzLSr3crUJKq110Qm627SQQT9JDNjAkUE7X2+bHqFWTr3vhw:VieHqa/Afz1sUcmyv/Au8DPDr3S

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      Output/SampleLinkmanOutput1.htm

    • Size

      65KB

    • MD5

      334b7dd371cbdfc882f0090bf98673a2

    • SHA1

      5fddd34d956ce7bce2ea74111d33f2424f9ed59a

    • SHA256

      f7f36b4375ded150eb9f91ad793b62b8d47b58dd99c438c824f37b693f296731

    • SHA512

      f74ce6001b750b28c661a679fcbad49d29820a842e9c89a882eab8d4baa596813ec0c0ef78990f7e41773b4b18970e4583135b1a82be7e260fc5a56507e1fed7

    • SSDEEP

      1536:3PKAImI4IQIGIFIFInINPIsIQIkILYpIlm:/KxTphzyyINw9h1Ljw

    Score
    1/10
    • Target

      Output/SampleLinkmanOutput2.htm

    • Size

      52KB

    • MD5

      bfbe4c769ac77ff482cb477ddbcd1fdb

    • SHA1

      5c236702af80eff974cb98329b75b42d1fc3f17c

    • SHA256

      1fe291b6e8fdd8e9ed1bdb531d0e0465f9ff7132f09b0f76576fc15442b8e67a

    • SHA512

      5e6fddb661ccd9f04ce4ae5485a59625de3eec58e725521f1062f0833b32995f0c816d0d8ed54bc1432d71d6c85baf49f46418da71b118ff223957f1fc82243f

    • SSDEEP

      768:lKXlj0xQRlXi+2MDOBeve3e0VPDIcZV7xD0OleUcLFPo:lIx7i+2M41cSaOledLho

    Score
    1/10
    • Target

      Plugins/oplugin.dll

    • Size

      206KB

    • MD5

      21c247b72a0223a4e7e74cff54086e4e

    • SHA1

      19fb12278b03be9101c5ae03d62b9b1b35d24346

    • SHA256

      a5fb027bfd47c5a89be6469f5fde0a12394fe2e98608e7d33ac594c00a0d9c9f

    • SHA512

      207837ba18c4d185cfbb196c6379f2ca127c57c099268714baf91830e1fc670275a2ae6578b1d88bf787f66ed30db02f138ba75d9cfff945d2c6470f91048c54

    • SSDEEP

      6144:VnmlelhcucKbIwMUFb4XyCKoJDBv1ocKu4GgbGxG:VmAlhcuI9UYyRoJDBacKrf

    Score
    3/10
    • Target

      Trialpay.exe

    • Size

      151KB

    • MD5

      b42b5e7d343ead62dd3dda3de3507197

    • SHA1

      aa56333f3228074f99e70a09e55b0185747f567b

    • SHA256

      e210e0418961ed5e02f18247ace71ba443fd03368384029f1b09899db90fdfa5

    • SHA512

      a4af7716a8da08d037b77df8bef7519fa19264351651a977a55bf9ed716d98749356aacfbef97f6430c1889b93784ca41fc5a06db44b535298ad9de17048a96f

    • SSDEEP

      3072:JZnB6ikkW7wpOT9goI6Y0J+SW9DKCILy+MyGKpQd8dcrr:JZSwc9Q6YIxFKyGK2d8dc

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      libeay32.dll

    • Size

      676KB

    • MD5

      c1b41ce18f8065a5b0ce66a4fba48794

    • SHA1

      1ee5afc40dc923bf6343618b50b445ba048bf60d

    • SHA256

      3b6cfd63d6489e5c7358a0ab5075231f843adbde7f9a3379d8af2d8b9e101322

    • SHA512

      f5d9d3ba13daa665f99922d9b05b9acdc947f3be1236938960b3ccc8c3be3c3b14d8ef909b5156df4f55b9a6644409170b62f891459d3bb4d6be7868aa571b8e

    • SSDEEP

      12288:j2jP7x8UgdMuSlzMKcUE0vUTbuv8ph76BG95I2:j2jP7OPdMuSlYKcUvvSbi8nb95x

    Score
    1/10
    • Target

      ssleay32.dll

    • Size

      148KB

    • MD5

      d4c0d211332dec5b8c11899e97f1d27c

    • SHA1

      92e7c1a1defbaaccb38b6653b0b47dd66951dc15

    • SHA256

      4906d6651d4c21e209f6e6ac781c5924ac18facf099f8d3f1a9b5eb9498d7565

    • SHA512

      e1058f9b6bda518fcb10b07ece629e4031d9fd080a0fc3ea67d6a6525f22bf3ddfb4a96e4e5c4394529c98066a95e25050dd756fa9c1da127c3ccf3bb47d81f6

    • SSDEEP

      3072:/nSjDA6rAXagzAgu2EBI4s2ITDL7uvKastW/X:/YVAX3zAguDI12I3gstW/

    Score
    1/10
    • Target

      uninst-Linkman.exe

    • Size

      59KB

    • MD5

      d046c01b1d70ccdd1d2359afcbbb674e

    • SHA1

      9d73ab15453e6a55e44e73aadea406ab9ccc9f6a

    • SHA256

      9eef15bb6118425ae86699011fce216fe210c6396ed8dc5d6a7beb7c3dd11ede

    • SHA512

      5288cf1e92e012e4184ebf02f57be7b138b7c62b7f7701e7fd717199123e95ff74c3f309052f40af9a29379ef5e9d996320392bd2c24eba30ce9b6913778464b

    • SSDEEP

      1536:HUGGrf+wMRVrkxmJLqAELVigG8YsRYEPBoI4:HUG6UVYxmJuAI05XEPBe

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      $PLUGINSDIR/System.dll

    • Size

      10KB

    • MD5

      86b5a07a43b7cbc5c49263b8d974b736

    • SHA1

      78388286a311810d812c13d87dea12d581713e60

    • SHA256

      5897fb00be38e502fb5dfd047d97e5e4da6387a7a6259633dc31c2427612901b

    • SHA512

      dcbe379c28302bb3472339cd24949b16548fa0003882a920df6839078cc7b2563f058a0524bf25df0a5ec8b08e302ebc9e646033109958669d8af883af959ffe

    • SSDEEP

      192:JO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1a+gMO:cKAFERdlxhGRYUzqZa+

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks

static1

upx
Score
7/10

behavioral1

Score
7/10

behavioral2

Score
7/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

spyware stealer upx
Score
7/10

behavioral14

spyware stealer upx
Score
7/10

behavioral15

upx
Score
7/10

behavioral16

upx
Score
7/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
3/10

behavioral23

upx
Score
7/10

behavioral24

upx
Score
7/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
7/10

behavioral30

Score
7/10

behavioral31

Score
3/10

behavioral32

Score
3/10