Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

494b4a4f6f...18.exe

windows7-x64

3

494b4a4f6f...18.exe

windows10-2004-x64

10

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Unlocker.exe

windows7-x64

1

Unlocker.exe

windows10-2004-x64

1

UnlockerAssistant.exe

windows7-x64

1

UnlockerAssistant.exe

windows10-2004-x64

1

UnlockerCOM.dll

windows7-x64

1

UnlockerCOM.dll

windows10-2004-x64

1

UnlockerDriver5.sys

windows7-x64

1

UnlockerDriver5.sys

windows10-2004-x64

1

UnlockerHook.dll

windows7-x64

1

UnlockerHook.dll

windows10-2004-x64

1

eBay_short...16.exe

windows7-x64

7

eBay_short...16.exe

windows10-2004-x64

3

eBayShortcuts.exe

windows7-x64

1

eBayShortcuts.exe

windows10-2004-x64

3

uninst.exe

windows7-x64

3

uninst.exe

windows10-2004-x64

10

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    494b4a4f6f9fc3d298619519417bac4a_JaffaCakes118

  • Size

    297KB

  • Sample

    240715-ly4dta1alm

  • MD5

    494b4a4f6f9fc3d298619519417bac4a

  • SHA1

    c1e1bda6a632ae178386b89da3a3d15d97ef9bca

  • SHA256

    d4979877d317ac3ee167239f647f6a55a821cfac7875528e3bbecb7110f2f60b

  • SHA512

    b81e78488654f27fb9c8725e4f0c1555eefabe8958a72dd36a90362689aebc990213f4aafc082baebe6f6683082aad0a7bac62365ca3854df36598db4e33f320

  • SSDEEP

    6144:+O9jt6wZu8OGauB794zlvkuymdzXZIwaUPT3Pbkx:oQauB794zny3wpPbbkx

Score
10/10
evasiontrojanupx

Malware Config

Targets

    • Target

      494b4a4f6f9fc3d298619519417bac4a_JaffaCakes118

    • Size

      297KB

    • MD5

      494b4a4f6f9fc3d298619519417bac4a

    • SHA1

      c1e1bda6a632ae178386b89da3a3d15d97ef9bca

    • SHA256

      d4979877d317ac3ee167239f647f6a55a821cfac7875528e3bbecb7110f2f60b

    • SHA512

      b81e78488654f27fb9c8725e4f0c1555eefabe8958a72dd36a90362689aebc990213f4aafc082baebe6f6683082aad0a7bac62365ca3854df36598db4e33f320

    • SSDEEP

      6144:+O9jt6wZu8OGauB794zlvkuymdzXZIwaUPT3Pbkx:oQauB794zny3wpPbbkx

    Score
    10/10
    evasiontrojanupx

    • UAC bypass

      evasiontrojan

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      12KB

    • MD5

      07f3b3445f66e1089567796bf3c8be78

    • SHA1

      851eb574c1067b23a654f8aa47b17ef599b24d1c

    • SHA256

      a505e6c537a5ce0166227dda9f7671605395592ac9f1a3764e8a01b713939db1

    • SHA512

      8c56308fff3a947b26fd0d98dbdd96c406ddf967f5d7abee8cba082b6c46a4e575094bb0bb981551ac5160bb5089cf6fb125dd17a659c427e28c07402adab1c3

    • SSDEEP

      192:pzi5iBjGHp29db9Dd+w6VPESclh3I8dYvwqu7hwbbHF1QuCb:pO5kjGHSDdgjo6pvwqu72bbMum

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/LangDLL.dll

    • Size

      5KB

    • MD5

      2c3c8976d729d28478a789217a882291

    • SHA1

      10c18b23fac957419547ef0f8ec3bc1b10e91e79

    • SHA256

      799f91bdd59f2133bf195c5b4ca685ee91666d981a6bcd8a6c45b7c8ecc96eef

    • SHA512

      749c650974f94cc5009124d3fa3d9bb1ee5824a3fa0a76b81733e08379678a2a1b7c54b77d1709fb6de24c81c68c03c0ec3e9ec5ccad0d30d9237300794f1213

    • SSDEEP

      48:aefTYzqi+/XC1aQbkMIwovgxbLuwOWd8s/d79C6O4MWNEYJvRZJ0dfh80:22XC1XkH/ohLZDSs/d799O4MQE0R4

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/System.dll

    • Size

      9KB

    • MD5

      afd989ef7eec6bf952bedfce541fe236

    • SHA1

      5654b71c5b1089c2cec6381d8da5bd14a14e1a37

    • SHA256

      5e97602008ba004c72d58f71e77ffe0a0ea01103867eb12a9ec0f28e72f440d8

    • SHA512

      f4e3d88477d39218667dd482a08904b2b69435db7d1fdd492380544aff83895d393a288c329da69074b69c68f51db45f694dfea81fc12fa2042ed43b3d06440c

    • SSDEEP

      192:XZNEnGTkTwat3s8pXqrpxwvcq5/pZquJKeS:y3nX/N/P9JJS

    Score
    3/10
    behavioral7behavioral8

    • Target

      Unlocker.exe

    • Size

      85KB

    • MD5

      aeb7861bf49f5d0b1834e3571bca1803

    • SHA1

      dfc9af417868a6d5023d2fd6b487d3139d781f3f

    • SHA256

      a85f81b612b907b88b4ae0068f50d091031e7026e33831b9e4d1680f2be78f4f

    • SHA512

      b215b1e29d77bda9359bc0934bece99e93f8daec8e2e12b5d42cf873c66e93d267c7b73cd1dd03ed9a685133c6bd89ed7f9238f598e483c2c1ab2ee4e5d651ff

    • SSDEEP

      1536:1juMk1QewWFHiUzyJBGMXW6hlFTaBpTwUFbFkKABTP4ZhOQS62Sl3niH/q:0dwWJiUzTMXW6MkDKABTP4ZM1o3+/

    Score
    1/10
    behavioral10behavioral9

    • Target

      UnlockerAssistant.exe

    • Size

      15KB

    • MD5

      403e928ba217e38485009636c793f3c9

    • SHA1

      2db1a193f60139fb7da1c21b9a6558d75694f996

    • SHA256

      7e19483efccc4e439444025a25c781439a88b95622262775e721f67319b83457

    • SHA512

      870937a2a923a7b6905c5e8b844a5840d012678cd698013e94b0cf265677643cde05ceebbbf7f848273a44e83eb0b6a2ae5749d4e9c9f438c57838a5021475e6

    • SSDEEP

      192:nbr+2TqhWJa+De9zf8pRvBpD3FMXKv+abapT4SYCjtTGcrkOLQPF8llmY:nv/T3Pe9z0pRb3h+abUT4uJxLU8lE

    Score
    1/10
    behavioral11behavioral12

    • Target

      UnlockerCOM.dll

    • Size

      10KB

    • MD5

      da66ceaf1def4da337f1542e0308483d

    • SHA1

      cc62fce6bd958292064127a723bd936b95960edd

    • SHA256

      fa029fb257464e1d18e3695f886bb66187218c4cc82e2c80936a51db56ccd586

    • SHA512

      96708333bac542b7d88a133c2c06aa5b3aadb80edf63ede21a234047f2ad63714699cef8f66630052b9e35daff6bb34ee9b72d519af8ba6c9f3bac96d809a676

    • SSDEEP

      192:k/+TMPhYSg1aKp94lyRJBRY+lxQ4xX9DDAveJjIK7:k2TMPhan4ybFlxQ4dt4wd

    Score
    1/10
    behavioral13behavioral14

    • Target

      UnlockerDriver5.sys

    • Size

      4KB

    • MD5

      4847639d852763ee39415c929470f672

    • SHA1

      ba5bf16f30378754dd06f0610a8e833421cf43ea

    • SHA256

      75cf9471ba3ea54e5be66cd7612da134b3370d7c3fba8b2682093c03a0ad87b5

    • SHA512

      21d02f833ac1ff3df4a0fff8452c7020dac0c892432fc4e06ba622aeca990954c445a57e399055c5c0dcc56552c33cae98d549efa45f7e0c0105fe8adc5da0b6

    Score
    1/10
    behavioral15behavioral16

    • Target

      UnlockerHook.dll

    • Size

      4KB

    • MD5

      78d62115f51b641a9f12afdf50a352fc

    • SHA1

      b801bfa7200bd378c53056e3b330dd4d2bfc622a

    • SHA256

      38e03771b1de28f3bc950fcab0180c089b626ae8c8a4635f4df22028b4f71dde

    • SHA512

      061a8f13d1e9c4f3ac4183ed0a89dd940c89ab6c1962af53028cc871bf9f2eaf15cfbe0facbcec21612a81fafcac789d64cb4cbf6847165ff7a2af60467707d9

    • SSDEEP

      48:C5H6MwSw43mN6MB+xolFebsyJaeGIGDTHxRNimznQ4wZK0E8ee1kAosky4+i+O:AHBn4BlFI4xpkEtjJ+7O

    Score
    1/10
    behavioral17behavioral18

    • Target

      eBay_shortcuts_1016.exe

    • Size

      60KB

    • MD5

      25bacc8b5eff6ce21247aa497a76899b

    • SHA1

      ba6c6840226b65fedee212ea4cdf0dff3cd70dee

    • SHA256

      77be1948f4fe4fd51902dc5ab17976caa5e29751da5954cc567e546d688da47c

    • SHA512

      f96544cde0fd32cb668c2bf6972eb0f7ce6a628f6e4372b7227ed0262249618192bf0ab5e6a7fd6794b3077f069ded003015fbb9b0817eeb4777255fa4101d17

    • SSDEEP

      1536:PjmS7uQiR7abLJqiX0DImJicz5sJ6RWOM+Dat:PjhhbyDImJiNYEOM+E

    Score
    7/10

    • Loads dropped DLL

    behavioral19behavioral20

    • Target

      eBayShortcuts.exe

    • Size

      86KB

    • MD5

      0b0f7f4080cb14f33dd4b240b0f5c7f2

    • SHA1

      795cce5554bbb5a5fa85a920965e89f3df1964fb

    • SHA256

      8afa0da48df023bc22d1aef74a08fa0cd8965324fb31cdc6fe989739b0a3107e

    • SHA512

      78eabd9f9c7ff3be102e12e5e9694834a4b46e61a422df095bc86e4f755e361b6eb12d5e99a113b350c0cc177cb0ec2d3c7c211f936c8606cb18870f68e97a75

    • SSDEEP

      1536:Xa28Axv2H7zKxpjf4iDt0ZB1pIAxD/QmJScwm:q1VCAx7QmN

    Score
    3/10
    behavioral21behavioral22

    • Target

      uninst.exe

    • Size

      150KB

    • MD5

      9b85c3ff3184aa53f4f28b8c6253babf

    • SHA1

      ab23d393eb0c0b622bc7b6ea62f31c2c5d7fecb2

    • SHA256

      b29fad48875e434911692a13881cc49c2349b9ed402316da67cc5da3daea191f

    • SHA512

      fb6629c3cfb892d8bdfa6e3d1061ec8926c6d09f23d26033afa95b8ebc7284c52fcb9f481945431bb76bef411364c63f84c77068b5717506e6dd22ccbc270b68

    • SSDEEP

      3072:1aF6FILxuJ8JutbHewZuOf/iYxnlJQGpwsIdQS:+O9jt6wZug3puGS

    Score
    10/10
    evasiontrojanupx

    • UAC bypass

      evasiontrojan

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral23behavioral24

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      12KB

    • MD5

      07f3b3445f66e1089567796bf3c8be78

    • SHA1

      851eb574c1067b23a654f8aa47b17ef599b24d1c

    • SHA256

      a505e6c537a5ce0166227dda9f7671605395592ac9f1a3764e8a01b713939db1

    • SHA512

      8c56308fff3a947b26fd0d98dbdd96c406ddf967f5d7abee8cba082b6c46a4e575094bb0bb981551ac5160bb5089cf6fb125dd17a659c427e28c07402adab1c3

    • SSDEEP

      192:pzi5iBjGHp29db9Dd+w6VPESclh3I8dYvwqu7hwbbHF1QuCb:pO5kjGHSDdgjo6pvwqu72bbMum

    Score
    3/10
    behavioral25behavioral26

    • Target

      $PLUGINSDIR/System.dll

    • Size

      9KB

    • MD5

      afd989ef7eec6bf952bedfce541fe236

    • SHA1

      5654b71c5b1089c2cec6381d8da5bd14a14e1a37

    • SHA256

      5e97602008ba004c72d58f71e77ffe0a0ea01103867eb12a9ec0f28e72f440d8

    • SHA512

      f4e3d88477d39218667dd482a08904b2b69435db7d1fdd492380544aff83895d393a288c329da69074b69c68f51db45f694dfea81fc12fa2042ed43b3d06440c

    • SSDEEP

      192:XZNEnGTkTwat3s8pXqrpxwvcq5/pZquJKeS:y3nX/N/P9JJS

    Score
    3/10
    behavioral27behavioral28

MITRE ATT&CK Enterprise v15

Tasks