Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

5a2f27e992...18.exe

windows7-x64

7

5a2f27e992...18.exe

windows10-2004-x64

7

$TEMP/mirc722.exe

windows7-x64

7

$TEMP/mirc722.exe

windows10-2004-x64

7

$PLUGINSDI...ol.dll

windows7-x64

3

$PLUGINSDI...ol.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDIR/mIRC.dll

windows7-x64

1

$PLUGINSDIR/mIRC.dll

windows10-2004-x64

1

ircintro.chm

windows7-x64

1

ircintro.chm

windows10-2004-x64

1

mirc.chm

windows7-x64

1

mirc.chm

windows10-2004-x64

1

mirc.exe

windows7-x64

7

mirc.exe

windows10-2004-x64

7

uninstall.exe

windows7-x64

7

uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDIR/mIRC.dll

windows7-x64

1

$PLUGINSDIR/mIRC.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5a2f27e9921618ff08b3130aab85cad3_JaffaCakes118

  • Size

    1.8MB

  • Sample

    240719-ddrkhssfle

  • MD5

    5a2f27e9921618ff08b3130aab85cad3

  • SHA1

    91ff708778cef1dcf0bc5ed7fc25f96481e9564e

  • SHA256

    bd596b7c49cb63c8b73a815c4eceb0149ccaee34d124dc9cf5e5c5304dde7a5f

  • SHA512

    817de560909e625490637b120b4da486c655a059b94298336bf59b4a935f5c1e211e6e37d7064b2f2c29a1326f3d5ba2eca41f947eba6c6f7d78a7dc81098588

  • SSDEEP

    49152:J9ylGZAIvZerccP70i1qfLe0U2D7XaA3YNKol7PAdM:JwlGaIKccP7ce0lLaA3YN7IG

Score
7/10
evasiontrojan

Malware Config

Targets

    • Target

      5a2f27e9921618ff08b3130aab85cad3_JaffaCakes118

    • Size

      1.8MB

    • MD5

      5a2f27e9921618ff08b3130aab85cad3

    • SHA1

      91ff708778cef1dcf0bc5ed7fc25f96481e9564e

    • SHA256

      bd596b7c49cb63c8b73a815c4eceb0149ccaee34d124dc9cf5e5c5304dde7a5f

    • SHA512

      817de560909e625490637b120b4da486c655a059b94298336bf59b4a935f5c1e211e6e37d7064b2f2c29a1326f3d5ba2eca41f947eba6c6f7d78a7dc81098588

    • SSDEEP

      49152:J9ylGZAIvZerccP70i1qfLe0U2D7XaA3YNKol7PAdM:JwlGaIKccP7ce0lLaA3YN7IG

    Score
    7/10
    evasiontrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

    • Target

      $TEMP/mirc722.exe

    • Size

      1.8MB

    • MD5

      0053b57a967282e0be0aaace0ec9808f

    • SHA1

      9b3b0831199027b686eebe0d4f3411fd4db959d2

    • SHA256

      c69a992ebd2b2d11ed62aef426de16bb18d1de5293e36320215de3b9f4a6c062

    • SHA512

      7d74642cffd586f0c550382836cbb780aeae9b246379589c40297a7819a7f1ebd38e30b35179df662974a93790041042f73c2f21db405fa06df700465d49fd55

    • SSDEEP

      49152:OmnFZaRrDLNUKdFVioL7YXfR7/P/ec8aiuq:fFYx1bVxgZ9I

    Score
    7/10
    evasiontrojan
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/AccessControl.dll

    • Size

      10KB

    • MD5

      055f4f9260e07fc83f71877cbb7f4fad

    • SHA1

      a245131af1a182de99bd74af9ff1fab17977a72f

    • SHA256

      4209588362785b690d08d15cd982b8d1c62c348767ca19114234b21d5df74ddc

    • SHA512

      a8e82dc4435ed938f090f43df953ddad9b0075f16218c09890c996299420162d64b1dbfbf613af37769ae796717eec78204dc786b757e8b1d13d423d4ee82e26

    • SSDEEP

      192:8SEWBGgiJM4LN+xq56XdNcNz/NWdlJmlyOcROQ:8SEPgii9KTzyt

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      325b008aec81e5aaa57096f05d4212b5

    • SHA1

      27a2d89747a20305b6518438eff5b9f57f7df5c3

    • SHA256

      c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    • SHA512

      18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

    • SSDEEP

      192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo

    Score
    3/10
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      a5f8399a743ab7f9c88c645c35b1ebb5

    • SHA1

      168f3c158913b0367bf79fa413357fbe97018191

    • SHA256

      dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9

    • SHA512

      824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977

    • SSDEEP

      192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go

    Score
    3/10
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    behavioral11behavioral12

    • Target

      $PLUGINSDIR/UAC.dll

    • Size

      17KB

    • MD5

      88ad3fd90fc52ac3ee0441a38400a384

    • SHA1

      08bc9e1f5951b54126b5c3c769e3eaed42f3d10b

    • SHA256

      e58884695378cf02715373928bb8ade270baf03144369463f505c3b3808cbc42

    • SHA512

      359496f571e6fa2ec4c5ab5bd1d35d1330586f624228713ae55c65a69e07d8623022ef54337c22c3aab558a9b74d9977c8436f5fea4194899d9ef3ffd74e7dbb

    • SSDEEP

      384:59TzaeW+WyB8c7LX+OGkrwWvVrkUiEMAWm5nskAvXkq:5ZaB+W62Mr5vGUiEum5sk

    Score
    3/10
    behavioral13behavioral14

    • Target

      $PLUGINSDIR/mIRC.dll

    • Size

      23KB

    • MD5

      37951d5d14c5b7d41899bfe3bcf965b8

    • SHA1

      3f429c58188753ce59ef159785c468790955a821

    • SHA256

      41e306c9396301950b4ed6e961736f70514fa57c9d872da11416e09fd0af50ee

    • SHA512

      ba714c83eb2b89e353344b45949090e367b53ab04251ed316c43af60340e3f0d47323b15f4f9929c48910ac18e78178fb4f4dfa1f366ffbcdb6186eb3df15027

    • SSDEEP

      384:w9OMMDa6kKNvS9ig5R6bTEsfvdFA0ku8i8oo4uGPGc5lT:wjM+Ng3Es3dFAdiD1Oc5

    Score
    1/10
    behavioral15behavioral16

    • Target

      ircintro.chm

    • Size

      74KB

    • MD5

      54894412afd9245018c61ab16f8fdf71

    • SHA1

      97027061402d2f567d262f67c40104a9676e1016

    • SHA256

      220be6f09b32b09be6394b10e278d1e62520ef2ea83707f5d48523bac11ff547

    • SHA512

      a2c18c7e74f386cfa84244265cf43d9e7476ec22eb9561c4bcc3bedf12730ef6b80d8255ab1a15e33ff3298cfc0bdab5e90f28f00f737ff2dda8aae50d3e3331

    • SSDEEP

      1536:sm41sU6WD8cMEfx1ndHrsA+TPrEzqsj0gcNbsctcXk0n:7gsUD8Efvnxrp+TzEGJxbsfkC

    Score
    1/10
    behavioral17behavioral18

    • Target

      mirc.chm

    • Size

      353KB

    • MD5

      9144864d7553b10c9cbe0fdade1420ba

    • SHA1

      8148995446dd5afa72f83d4b31ddd23019421a34

    • SHA256

      391130b9a2900d33ccfa71d7837692227e7a20d1e7163bc7caeec1b04217ed4f

    • SHA512

      a64a459c22372fd051611a20e252d3c0d1e2f5b6c97903ce1e3487393ed94c5fdbd47400273faa012055f1de5753927b40e15cefa0287a7d4031e4f2b788fd74

    • SSDEEP

      6144:qavZfALz8xcWUdqAvOUQjlQrDQYUpILgFJeuRx7NsgxoD5Z1aleH9zbplEQMJI:xAXF7AcOzw6yLgF8uRx76NZ1tdzXEpI

    Score
    1/10
    behavioral19behavioral20

    • Target

      mirc.exe

    • Size

      3.1MB

    • MD5

      912dfaee60f144853a33231688312686

    • SHA1

      5e6c5a2c8860fb74d34ed1e6208f78d731f34ef9

    • SHA256

      13a73d14f028af648394002fc483a60c4f93beaf55eecfcdbc5364331b7dd5e0

    • SHA512

      3d9ccf47dba83b484dea530f730bc30b044d92dec0f50469f11726af1fa964613c6231fdfa3cd4039cbee723c53188d630a069be9741347b06c05e5b2a53b858

    • SSDEEP

      49152:JjfkX4IMjEzU//67yweAk5HPdug0TVxNYRf:Jg4IMZ+ywOPduTnYt

    Score
    7/10
    evasion

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion
    behavioral21behavioral22

    • Target

      uninstall.exe

    • Size

      127KB

    • MD5

      0e144a993262f7e49c99b0de1dc4f103

    • SHA1

      d09935edcfe4c35489fa503452e36b3c83c6a12b

    • SHA256

      936ccf8115ea5fceefa08f6f77ea53e61b436342f46665f9e57b5fb8425af7c9

    • SHA512

      300e9379f2249205a523b0d94d93f02bc3cc441e28951f5bc539530d2f3783d11d7d6c48c3d21cf4dd5f5a15ed3dea005ac62215b29bb0a8a98aa2cc70c5d76c

    • SSDEEP

      3072:qQIURTXJDUXRDBbuteuWb9tXcwjisModOBnX:qsJUhDBytywJX

    Score
    7/10
    evasiontrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral23behavioral24

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      325b008aec81e5aaa57096f05d4212b5

    • SHA1

      27a2d89747a20305b6518438eff5b9f57f7df5c3

    • SHA256

      c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    • SHA512

      18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

    • SSDEEP

      192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo

    Score
    3/10
    behavioral25behavioral26

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    behavioral27behavioral28

    • Target

      $PLUGINSDIR/UAC.dll

    • Size

      17KB

    • MD5

      88ad3fd90fc52ac3ee0441a38400a384

    • SHA1

      08bc9e1f5951b54126b5c3c769e3eaed42f3d10b

    • SHA256

      e58884695378cf02715373928bb8ade270baf03144369463f505c3b3808cbc42

    • SHA512

      359496f571e6fa2ec4c5ab5bd1d35d1330586f624228713ae55c65a69e07d8623022ef54337c22c3aab558a9b74d9977c8436f5fea4194899d9ef3ffd74e7dbb

    • SSDEEP

      384:59TzaeW+WyB8c7LX+OGkrwWvVrkUiEMAWm5nskAvXkq:5ZaB+W62Mr5vGUiEum5sk

    Score
    3/10
    behavioral29behavioral30

    • Target

      $PLUGINSDIR/mIRC.dll

    • Size

      23KB

    • MD5

      37951d5d14c5b7d41899bfe3bcf965b8

    • SHA1

      3f429c58188753ce59ef159785c468790955a821

    • SHA256

      41e306c9396301950b4ed6e961736f70514fa57c9d872da11416e09fd0af50ee

    • SHA512

      ba714c83eb2b89e353344b45949090e367b53ab04251ed316c43af60340e3f0d47323b15f4f9929c48910ac18e78178fb4f4dfa1f366ffbcdb6186eb3df15027

    • SSDEEP

      384:w9OMMDa6kKNvS9ig5R6bTEsfvdFA0ku8i8oo4uGPGc5lT:wjM+Ng3Es3dFAdiD1Oc5

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

evasiontrojan
Score
7/10

behavioral2

evasiontrojan
Score
7/10

behavioral3

evasiontrojan
Score
7/10

behavioral4

evasiontrojan
Score
7/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

Score
3/10

behavioral14

Score
3/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

evasion
Score
7/10

behavioral22

evasion
Score
7/10

behavioral23

evasiontrojan
Score
7/10

behavioral24

evasiontrojan
Score
7/10

behavioral25

Score
3/10

behavioral26

Score
3/10

behavioral27

Score
3/10

behavioral28

Score
3/10

behavioral29

Score
3/10

behavioral30

Score
3/10

behavioral31

Score
1/10

behavioral32

Score
1/10