Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

494b4a4f6f...18.exe

windows7-x64

3

494b4a4f6f...18.exe

windows10-2004-x64

10

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Unlocker.exe

windows7-x64

1

Unlocker.exe

windows10-2004-x64

1

UnlockerAssistant.exe

windows7-x64

1

UnlockerAssistant.exe

windows10-2004-x64

1

UnlockerCOM.dll

windows7-x64

1

UnlockerCOM.dll

windows10-2004-x64

1

UnlockerDriver5.sys

windows7-x64

1

UnlockerDriver5.sys

windows10-2004-x64

1

UnlockerHook.dll

windows7-x64

1

UnlockerHook.dll

windows10-2004-x64

1

eBay_short...16.exe

windows7-x64

7

eBay_short...16.exe

windows10-2004-x64

3

eBayShortcuts.exe

windows7-x64

1

eBayShortcuts.exe

windows10-2004-x64

3

uninst.exe

windows7-x64

3

uninst.exe

windows10-2004-x64

10

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    494b4a4f6f9fc3d298619519417bac4a_JaffaCakes118

  • Size

    297KB

  • Sample

    240715-ly4dta1alm

  • MD5

    494b4a4f6f9fc3d298619519417bac4a

  • SHA1

    c1e1bda6a632ae178386b89da3a3d15d97ef9bca

  • SHA256

    d4979877d317ac3ee167239f647f6a55a821cfac7875528e3bbecb7110f2f60b

  • SHA512

    b81e78488654f27fb9c8725e4f0c1555eefabe8958a72dd36a90362689aebc990213f4aafc082baebe6f6683082aad0a7bac62365ca3854df36598db4e33f320

  • SSDEEP

    6144:+O9jt6wZu8OGauB794zlvkuymdzXZIwaUPT3Pbkx:oQauB794zny3wpPbbkx

Score
10/10
evasiontrojanupx

Malware Config

Targets

    • Target

      494b4a4f6f9fc3d298619519417bac4a_JaffaCakes118

    • Size

      297KB

    • MD5

      494b4a4f6f9fc3d298619519417bac4a

    • SHA1

      c1e1bda6a632ae178386b89da3a3d15d97ef9bca

    • SHA256

      d4979877d317ac3ee167239f647f6a55a821cfac7875528e3bbecb7110f2f60b

    • SHA512

      b81e78488654f27fb9c8725e4f0c1555eefabe8958a72dd36a90362689aebc990213f4aafc082baebe6f6683082aad0a7bac62365ca3854df36598db4e33f320

    • SSDEEP

      6144:+O9jt6wZu8OGauB794zlvkuymdzXZIwaUPT3Pbkx:oQauB794zny3wpPbbkx

    Score
    10/10
    evasiontrojanupx

    • UAC bypass

      evasiontrojan

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      12KB

    • MD5

      07f3b3445f66e1089567796bf3c8be78

    • SHA1

      851eb574c1067b23a654f8aa47b17ef599b24d1c

    • SHA256

      a505e6c537a5ce0166227dda9f7671605395592ac9f1a3764e8a01b713939db1

    • SHA512

      8c56308fff3a947b26fd0d98dbdd96c406ddf967f5d7abee8cba082b6c46a4e575094bb0bb981551ac5160bb5089cf6fb125dd17a659c427e28c07402adab1c3

    • SSDEEP

      192:pzi5iBjGHp29db9Dd+w6VPESclh3I8dYvwqu7hwbbHF1QuCb:pO5kjGHSDdgjo6pvwqu72bbMum

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/LangDLL.dll

    • Size

      5KB

    • MD5

      2c3c8976d729d28478a789217a882291

    • SHA1

      10c18b23fac957419547ef0f8ec3bc1b10e91e79

    • SHA256

      799f91bdd59f2133bf195c5b4ca685ee91666d981a6bcd8a6c45b7c8ecc96eef

    • SHA512

      749c650974f94cc5009124d3fa3d9bb1ee5824a3fa0a76b81733e08379678a2a1b7c54b77d1709fb6de24c81c68c03c0ec3e9ec5ccad0d30d9237300794f1213

    • SSDEEP

      48:aefTYzqi+/XC1aQbkMIwovgxbLuwOWd8s/d79C6O4MWNEYJvRZJ0dfh80:22XC1XkH/ohLZDSs/d799O4MQE0R4

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/System.dll

    • Size

      9KB

    • MD5

      afd989ef7eec6bf952bedfce541fe236

    • SHA1

      5654b71c5b1089c2cec6381d8da5bd14a14e1a37

    • SHA256

      5e97602008ba004c72d58f71e77ffe0a0ea01103867eb12a9ec0f28e72f440d8

    • SHA512

      f4e3d88477d39218667dd482a08904b2b69435db7d1fdd492380544aff83895d393a288c329da69074b69c68f51db45f694dfea81fc12fa2042ed43b3d06440c

    • SSDEEP

      192:XZNEnGTkTwat3s8pXqrpxwvcq5/pZquJKeS:y3nX/N/P9JJS

    Score
    3/10
    behavioral7behavioral8

    • Target

      Unlocker.exe

    • Size

      85KB

    • MD5

      aeb7861bf49f5d0b1834e3571bca1803

    • SHA1

      dfc9af417868a6d5023d2fd6b487d3139d781f3f

    • SHA256

      a85f81b612b907b88b4ae0068f50d091031e7026e33831b9e4d1680f2be78f4f

    • SHA512

      b215b1e29d77bda9359bc0934bece99e93f8daec8e2e12b5d42cf873c66e93d267c7b73cd1dd03ed9a685133c6bd89ed7f9238f598e483c2c1ab2ee4e5d651ff

    • SSDEEP

      1536:1juMk1QewWFHiUzyJBGMXW6hlFTaBpTwUFbFkKABTP4ZhOQS62Sl3niH/q:0dwWJiUzTMXW6MkDKABTP4ZM1o3+/

    Score
    1/10
    behavioral10behavioral9

    • Target

      UnlockerAssistant.exe

    • Size

      15KB

    • MD5

      403e928ba217e38485009636c793f3c9

    • SHA1

      2db1a193f60139fb7da1c21b9a6558d75694f996

    • SHA256

      7e19483efccc4e439444025a25c781439a88b95622262775e721f67319b83457

    • SHA512

      870937a2a923a7b6905c5e8b844a5840d012678cd698013e94b0cf265677643cde05ceebbbf7f848273a44e83eb0b6a2ae5749d4e9c9f438c57838a5021475e6

    • SSDEEP

      192:nbr+2TqhWJa+De9zf8pRvBpD3FMXKv+abapT4SYCjtTGcrkOLQPF8llmY:nv/T3Pe9z0pRb3h+abUT4uJxLU8lE

    Score
    1/10
    behavioral11behavioral12

    • Target

      UnlockerCOM.dll

    • Size

      10KB

    • MD5

      da66ceaf1def4da337f1542e0308483d

    • SHA1

      cc62fce6bd958292064127a723bd936b95960edd

    • SHA256

      fa029fb257464e1d18e3695f886bb66187218c4cc82e2c80936a51db56ccd586

    • SHA512

      96708333bac542b7d88a133c2c06aa5b3aadb80edf63ede21a234047f2ad63714699cef8f66630052b9e35daff6bb34ee9b72d519af8ba6c9f3bac96d809a676

    • SSDEEP

      192:k/+TMPhYSg1aKp94lyRJBRY+lxQ4xX9DDAveJjIK7:k2TMPhan4ybFlxQ4dt4wd

    Score
    1/10
    behavioral13behavioral14

    • Target

      UnlockerDriver5.sys

    • Size

      4KB

    • MD5

      4847639d852763ee39415c929470f672

    • SHA1

      ba5bf16f30378754dd06f0610a8e833421cf43ea

    • SHA256

      75cf9471ba3ea54e5be66cd7612da134b3370d7c3fba8b2682093c03a0ad87b5

    • SHA512

      21d02f833ac1ff3df4a0fff8452c7020dac0c892432fc4e06ba622aeca990954c445a57e399055c5c0dcc56552c33cae98d549efa45f7e0c0105fe8adc5da0b6

    Score
    1/10
    behavioral15behavioral16

    • Target

      UnlockerHook.dll

    • Size

      4KB

    • MD5

      78d62115f51b641a9f12afdf50a352fc

    • SHA1

      b801bfa7200bd378c53056e3b330dd4d2bfc622a

    • SHA256

      38e03771b1de28f3bc950fcab0180c089b626ae8c8a4635f4df22028b4f71dde

    • SHA512

      061a8f13d1e9c4f3ac4183ed0a89dd940c89ab6c1962af53028cc871bf9f2eaf15cfbe0facbcec21612a81fafcac789d64cb4cbf6847165ff7a2af60467707d9

    • SSDEEP

      48:C5H6MwSw43mN6MB+xolFebsyJaeGIGDTHxRNimznQ4wZK0E8ee1kAosky4+i+O:AHBn4BlFI4xpkEtjJ+7O

    Score
    1/10
    behavioral17behavioral18

    • Target

      eBay_shortcuts_1016.exe

    • Size

      60KB

    • MD5

      25bacc8b5eff6ce21247aa497a76899b

    • SHA1

      ba6c6840226b65fedee212ea4cdf0dff3cd70dee

    • SHA256

      77be1948f4fe4fd51902dc5ab17976caa5e29751da5954cc567e546d688da47c

    • SHA512

      f96544cde0fd32cb668c2bf6972eb0f7ce6a628f6e4372b7227ed0262249618192bf0ab5e6a7fd6794b3077f069ded003015fbb9b0817eeb4777255fa4101d17

    • SSDEEP

      1536:PjmS7uQiR7abLJqiX0DImJicz5sJ6RWOM+Dat:PjhhbyDImJiNYEOM+E

    Score
    7/10

    • Loads dropped DLL

    behavioral19behavioral20

    • Target

      eBayShortcuts.exe

    • Size

      86KB

    • MD5

      0b0f7f4080cb14f33dd4b240b0f5c7f2

    • SHA1

      795cce5554bbb5a5fa85a920965e89f3df1964fb

    • SHA256

      8afa0da48df023bc22d1aef74a08fa0cd8965324fb31cdc6fe989739b0a3107e

    • SHA512

      78eabd9f9c7ff3be102e12e5e9694834a4b46e61a422df095bc86e4f755e361b6eb12d5e99a113b350c0cc177cb0ec2d3c7c211f936c8606cb18870f68e97a75

    • SSDEEP

      1536:Xa28Axv2H7zKxpjf4iDt0ZB1pIAxD/QmJScwm:q1VCAx7QmN

    Score
    3/10
    behavioral21behavioral22

    • Target

      uninst.exe

    • Size

      150KB

    • MD5

      9b85c3ff3184aa53f4f28b8c6253babf

    • SHA1

      ab23d393eb0c0b622bc7b6ea62f31c2c5d7fecb2

    • SHA256

      b29fad48875e434911692a13881cc49c2349b9ed402316da67cc5da3daea191f

    • SHA512

      fb6629c3cfb892d8bdfa6e3d1061ec8926c6d09f23d26033afa95b8ebc7284c52fcb9f481945431bb76bef411364c63f84c77068b5717506e6dd22ccbc270b68

    • SSDEEP

      3072:1aF6FILxuJ8JutbHewZuOf/iYxnlJQGpwsIdQS:+O9jt6wZug3puGS

    Score
    10/10
    evasiontrojanupx

    • UAC bypass

      evasiontrojan

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral23behavioral24

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      12KB

    • MD5

      07f3b3445f66e1089567796bf3c8be78

    • SHA1

      851eb574c1067b23a654f8aa47b17ef599b24d1c

    • SHA256

      a505e6c537a5ce0166227dda9f7671605395592ac9f1a3764e8a01b713939db1

    • SHA512

      8c56308fff3a947b26fd0d98dbdd96c406ddf967f5d7abee8cba082b6c46a4e575094bb0bb981551ac5160bb5089cf6fb125dd17a659c427e28c07402adab1c3

    • SSDEEP

      192:pzi5iBjGHp29db9Dd+w6VPESclh3I8dYvwqu7hwbbHF1QuCb:pO5kjGHSDdgjo6pvwqu72bbMum

    Score
    3/10
    behavioral25behavioral26

    • Target

      $PLUGINSDIR/System.dll

    • Size

      9KB

    • MD5

      afd989ef7eec6bf952bedfce541fe236

    • SHA1

      5654b71c5b1089c2cec6381d8da5bd14a14e1a37

    • SHA256

      5e97602008ba004c72d58f71e77ffe0a0ea01103867eb12a9ec0f28e72f440d8

    • SHA512

      f4e3d88477d39218667dd482a08904b2b69435db7d1fdd492380544aff83895d393a288c329da69074b69c68f51db45f694dfea81fc12fa2042ed43b3d06440c

    • SSDEEP

      192:XZNEnGTkTwat3s8pXqrpxwvcq5/pZquJKeS:y3nX/N/P9JJS

    Score
    3/10
    behavioral27behavioral28

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.