Site notice (tria.ge): Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    5bcfb042c2d563e10285f4f0b659440c_JaffaCakes118

  • Size

    3.0MB

  • Sample

    240719-nxq37ssfne

  • MD5

    5bcfb042c2d563e10285f4f0b659440c

  • SHA1

    64b0d4871ecd3cea738ad1c4df05654f8de02db6

  • SHA256

    b3b8baae3ca6b7d301d5bcd45859c6f00eef17bdd8b2ef1d7571b85d83fef4e4

  • SHA512

    35cc0ed2837af0afdd8c64262d3ab0c6189e80161fcc0417355a0109b120b94f57081ec4a70fc23352bf5032f03505dd739000f5b7e0ab7818b067318745434c

  • SSDEEP

    98304:oIiY5GZf/l0EKVWJO8CT7uKgKJ3vyvYES:0YENnKkJOHB7

Targets

    • Target

      Wopti.v7.91.Build.9.115.By.MyCrack/D3DX81ab.dll

    • Size

      333KB

    • MD5

      bcff56f41e11f624d520cb390592b9bd

    • SHA1

      76450720967bcb9131ac87349b344bef5a4000df

    • SHA256

      f26f8877499bcc74327dbf5befc5940e75ac42464bdd567b7bd010d1b8db77f1

    • SHA512

      9d07b5d32ca138d4ca4dbcee65003e4e399e90a1ee7a8d14fd64b303c00b409a1a3500234c6c8b5d0854258d7d97ed0dc07b597e34ff25212ad212e7697e8ae8

    • SSDEEP

      6144:odn7KUO/dJTwFUN8Gtioi/0Y7f8GrA8KYrYWCVfBCIFZU2/7JlkJvg9A:qCJTjWGtLinUGrLeEIfktgS

    • Score

      3/10

    • Target

      Wopti.v7.91.Build.9.115.By.MyCrack/WoptiDefrag.dll

    • Size

      304KB

    • MD5

      438f0f9620ccbb106e50ecb0da686562

    • SHA1

      9c568b2bcdd728135e85dca0fcb6117d05266702

    • SHA256

      670026e4e8074f730e2ccf48c2abeac5292898ebc075555d45caf1337459c01a

    • SHA512

      ba339da86cdeee52e46cf9537de02f0a5ba9875011d981795f7ca6dbe1f1326a4e3749b514485672803cec9f78f9742732d4c04492e9f8f48bba9b9a4b72e1ae

    • SSDEEP

      6144:1j29B/E9eQVTqlZGeLeuZHVxBJd2/aYZi:1y9B/OeLeuZHVxBJd2yYs

    • Score

      1/10

    • Target

      Wopti.v7.91.Build.9.115.By.MyCrack/WoptiDefragVista.dll

    • Size

      325KB

    • MD5

      4f4c862fe3e8cbbb99cf93564c090853

    • SHA1

      e5de2908b77bf900dedce3db3c99e5c38af88b14

    • SHA256

      0976abceadd157349532a2a699982f551c8055f3134d54d3a20054856734f9e4

    • SHA512

      673c49c183243f8ff79d19a178290f848869119f350ba377c41173d461c178d8c2d297b0849c102bb2da19004c0f84d70a4fd562c017628e429f852aae2b949c

    • SSDEEP

      3072:sg3YY8AftwcpYRJUnaZCiWEtJInefesMSKjdrlLzhT+HfOak9N361ljU6XtiYD1m:5IFBtJ49sMSKjdrtzofkAlgYDB5EZ9n

    • Score

      1/10

    • Target

      Wopti.v7.91.Build.9.115.By.MyCrack/WoptiHWDetect.sys

    • Size

      4KB

    • MD5

      c72a74f712f774203cae5013911b2de0

    • SHA1

      19459e4f8dcae965844f428129c849ffb9717718

    • SHA256

      2fb21f8fdc7493a8563728f0ac71f6c1f397579727d4b2ca9a17abff01a57cdf

    • SHA512

      0baffa3a74edc5b1e9c06e23c6ddfab6c40eb909c4002daea58793b342f7b48fbcedbb195040b61ca236252c7c5ea04cb7c6493549d4f84a8dfcacdde671679d

    • SSDEEP

      48:AMWr+Ms2hYzKkiRfBlkMpsgEakZQN90LnGUo/MGFvVRRU6t9AtcbMtEqzDNIo/C:RWr+MFYziRfPkPakiWnnZa/ztCtTVt

    • Score

      1/10

    • Target

      Wopti.v7.91.Build.9.115.By.MyCrack/WoptiP2P.dll

    • Size

      384KB

    • MD5

      9a2491d26be06ab85d0ee7020016738c

    • SHA1

      de9ac7618be1f4b9ecff7e6274e426b8a6d9c83e

    • SHA256

      544b2690fb7e5245bd8de483993528e63c6f4c583023ee5201f83831b8c4b1ac

    • SHA512

      2704f3184c1b1aace5cb7d06a9b8d21459192c0599c5bc1307a8c35154f471a12991728d2be2f648479d58ca0e5294b05d382c557a818686037786d77b1b59bc

    • SSDEEP

      6144:6bIMwJ0GFChs7oEccwxnmokMzHGdctoBL29mbyfWRkv35JJCE6x2LWgnfMr3afPl:1MkC9Ec1nmokgoV0mEWRlE6syu

    • Score

      3/10

    • Target

      Wopti.v7.91.Build.9.115.By.MyCrack/WoptiUtilities.exe

    • Size

      2.1MB

    • MD5

      aacdb052b4adfc3e570a7a6619719c58

    • SHA1

      028f5442c31a29f19cf837d0818d89f7d933e167

    • SHA256

      81b87dd0a52d81cc0426dce1c26e9db39073bb28389ab24c0ec12ac4756c4c06

    • SHA512

      f67e01fae7efc63852756a92815b313070bf2bbad63bc3b743e8f63b7532afb14205be0061f225249d88814b2c363077f8ecc9cfdf269ab188a3f69c1f2e33e7

    • SSDEEP

      24576:kMguKLQHQ4rCdAZBG7N6wCRGTwjsOWsCMPqWJuOBveeBrv9KDxb020B9HEihsKmr:kMRBTnqN6wCREXpeJm2EiQ94nt7/q5

    • Score

      7/10

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments. The same values are also read by hardware-inventory code, so on its own this is a weak indicator.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system. Note that the file names in this archive (WoptiDefrag.dll, WoptiDefragVista.dll, 磁盘整理功能补丁.exe) identify the bundle as a disk-defragmentation utility, for which drive enumeration and raw-disk access are expected behaviour; the 7/10 score reflects heuristic matches, not a confirmed bootkit. The "By.MyCrack" naming marks it as a cracked release, which does not make the behaviour benign either way: confirm what was written by diffing the first sector of the analysis disk before and after execution.
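The three signatures above are heuristics over API activity. The following added example, written for this page and not part of tria.ge, shows the kind of logic behind them run over constructed sandbox-style events: registry reads of the BIOS keys (HKLM\HARDWARE\DESCRIPTION\System\BIOS and HKLM\SYSTEM\CurrentControlSet\Control\SystemInformation, both real Windows locations), root-path access on non-C: drives, and writes that overlap the first 512 bytes of a physical-drive handle. The event schema and the API-name sets are assumptions for the example; a real trace would be mapped onto them first. Returning the supporting events rather than a bare verdict is the point: for a defragmenter, the analyst needs to see which raw writes landed in sector 0 and which did not.

```python
import re

# Registry locations the "Checks BIOS information" heuristic keys on (uppercase
# for case-insensitive prefix matching). Both are real Windows keys; the second
# also carries SystemManufacturer/SystemProductName on Vista and later.
BIOS_KEYS = (
    r"HKLM\HARDWARE\DESCRIPTION\SYSTEM\BIOS",
    r"HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SYSTEMINFORMATION",
)
# Assumed API names for this example's event schema.
REGISTRY_READS = {"RegQueryValueExW", "RegQueryValueExA", "NtQueryValueKey"}
FILE_OPS = {"CreateFileW", "NtCreateFile", "FindFirstFileW",
            "NtQueryDirectoryFile", "GetVolumeInformationW", "GetDriveTypeW"}
FILE_WRITES = {"WriteFile", "NtWriteFile"}

# Raw disk handles: Win32 \\.\PhysicalDriveN or native \Device\HarddiskN\DRN.
RAW_DISK = re.compile(r"^(\\\\\.\\PhysicalDrive\d+|\\Device\\Harddisk\d+\\DR\d+)$", re.I)
# A drive root, optionally with the \\?\ prefix or a trailing wildcard (E:\*).
DRIVE_ROOT = re.compile(r"^(?:\\\\\?\\)?([A-Z]):\\?\*?$", re.I)
MBR_SIZE = 512  # the MBR is the first sector of the disk


def triage_events(events):
    """Map sandbox-style API events onto the three report signatures.

    Each event is a dict with at least "api"; registry events carry "key",
    file events carry "path", writes carry "path", "offset" and "length".
    Returns {signature_name: [supporting events]} containing only the
    signatures that fired, so the analyst can inspect the evidence.
    """
    hits = {"bios_registry_check": [], "drive_enumeration": [], "mbr_write": []}
    for ev in events:
        api = ev.get("api", "")
        if api in REGISTRY_READS:
            key = ev.get("key", "").upper()
            if any(key.startswith(k) for k in BIOS_KEYS):
                hits["bios_registry_check"].append(ev)
        elif api in FILE_OPS:
            m = DRIVE_ROOT.match(ev.get("path", ""))
            if m and m.group(1).upper() != "C":
                hits["drive_enumeration"].append(ev)
        elif api in FILE_WRITES:
            offset = int(ev.get("offset", 0))
            # Only a raw-disk write overlapping bytes 0..511 is an MBR write.
            # Raw writes further into the disk are not this signature, even
            # though a defragmenter may legitimately produce them.
            if RAW_DISK.match(ev.get("path", "")) and offset < MBR_SIZE:
                hits["mbr_write"].append(ev)
    return {name: evs for name, evs in hits.items() if evs}


# Constructed events, not a real trace of the Wopti sample.
SAMPLE_EVENTS = [
    {"api": "RegQueryValueExW", "key": r"HKLM\HARDWARE\DESCRIPTION\System\BIOS",
     "value": "SystemManufacturer"},
    {"api": "RegQueryValueExW", "key": r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion",
     "value": "ProductName"},
    {"api": "GetVolumeInformationW", "path": "C:\\"},
    {"api": "GetVolumeInformationW", "path": "D:\\"},
    {"api": "FindFirstFileW", "path": "E:\\*"},
    {"api": "NtWriteFile", "path": r"\\.\PhysicalDrive0", "offset": 0, "length": 512},
    {"api": "NtWriteFile", "path": r"\\.\PhysicalDrive0", "offset": 1048576, "length": 4096},
    {"api": "WriteFile", "path": "C:\\Users\\user\\log.txt", "offset": 0, "length": 40},
]


if __name__ == "__main__":
    for name, evs in triage_events(SAMPLE_EVENTS).items():
        print(f"{name}: {len(evs)} event(s)")
        for ev in evs:
            print("   ", ev)
```

On the constructed trace this fires all three signatures, but the second raw write at 1 MiB is correctly left out of `mbr_write`; that distinction is what separates "touched sector 0" from "did raw disk I/O", and it is the question to answer for a disk utility.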

    • Target

      Wopti.v7.91.Build.9.115.By.MyCrack/Woptiglobe.dll

    • Size

      107KB

    • MD5

      7516165cda4b3401f6b97e652aaef8d1

    • SHA1

      58bc4b29df91b697118a22438016cfadbff44036

    • SHA256

      6541d1e0c1982389cb45145f09f6e2433c76eaa88d3358300a6ed26abf442761

    • SHA512

      8ee02ef683708d98eb2df2f03a8adc8f985078f48ac6ae11f9dfc5a6efb35bac7304a7e6d023a97e5129af6ac7ed66b706cfa7166acdaddfd05d742c20240dfd

    • SSDEEP

      3072:iZOup54zfpVSkNeXM6aWv/pQpHBQdSxg0AlNtyZ9f51BXuM+rTVLh:wpIDSkNeXfvRyZ9fV+N

    • Score

      1/10

    • Target

      Wopti.v7.91.Build.9.115.By.MyCrack/新云软件.url (the file name is Chinese for "Xinyun Software"; a .url Internet shortcut)

    • Size

      133B

    • MD5

      4f0017b3b346bd0626f0c3b915e6e734

    • SHA1

      823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92

    • SHA256

      df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678

    • SHA512

      0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6

    • Score

      1/10

    • Target

      Wopti.v7.91.Build.9.115.By.MyCrack/磁盘整理功能补丁.exe (the file name is Chinese for "disk defragmentation feature patch")

    • Size

      177KB

    • MD5

      fe9e6fa6b1389a5db02585c3546b44d5

    • SHA1

      2ac07f0b6ec869fa54287cff3f9c78c902b5a67a

    • SHA256

      4243d05b66e2f8eac9857979e997fd46cdbed590573b43705e4975b122ca2311

    • SHA512

      d848b3bf02419c3e6d4e43707c2c181b2ffb9d17b14a9ee596418405e4521fd4d86bb60859e0f0abd39efee991e1cbeaf95c59595fe50ef6b9cdf153568a1863

    • SSDEEP

      3072:vajvU3moaZ1jvo1BT5LKNjyvXHO8BleswtukSgU4WsSiU9ffH6ZtVP1cfTlfrout:2vU3FqQT5KNGvOwlNwtFUoNU9fyfd1cL

    • Score

      7/10

    • UPX packed file

      Detects executables packed with UPX or a modified UPX build (an open-source packer). Packing is not malicious by itself, but it hides the real import table and strings from static tools; unpack before static analysis (upx -d handles only unmodified UPX, so a modified build has to be dumped from memory instead).
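The two cheap checks behind a "UPX packed" verdict are the section names (UPX0/UPX1) and the "UPX!" marker string. The added example below, written for this page and not tria.ge's detector, hand-parses a PE far enough to read the section table with struct (no pefile dependency) and reports both indicators separately, because modified UPX builds typically rename the sections while leaving the marker, or strip the marker while keeping the names. The minimal PE images it runs on are constructed inline and are not loadable; they are only structurally complete enough to reach the section table.

```python
import struct

UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b"UPX3"}
UPX_MARKER = b"UPX!"


def pe_section_names(data):
    """Return the section names of a PE image, raising ValueError if it is not PE.

    Decodes only the fields needed to reach the section table: e_lfanew from
    the DOS header, NumberOfSections and SizeOfOptionalHeader from the
    IMAGE_FILE_HEADER, then the 8-byte Name of each 40-byte section header.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    file_header = e_lfanew + 4
    num_sections, = struct.unpack_from("<H", data, file_header + 2)
    opt_size, = struct.unpack_from("<H", data, file_header + 16)
    table = file_header + 20 + opt_size
    names = []
    for i in range(num_sections):
        off = table + i * 40
        raw = data[off:off + 8]
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0"))
    return names


def looks_upx_packed(data):
    """Apply the two cheap UPX indicators and return (packed, reasons).

    Section names and the marker are reported independently: a renamed
    build still trips the marker search, a stripped marker still trips the
    names. Either alone is enough to say "packed", neither says "malicious".
    The marker search scans the whole file, a simplification of where real
    UPX stores it.
    """
    reasons = []
    try:
        names = pe_section_names(data)
    except ValueError as exc:
        return False, [f"not a PE: {exc}"]
    upx_names = [n.decode("latin-1") for n in names if n in UPX_SECTION_NAMES]
    if upx_names:
        reasons.append("UPX section names: " + ", ".join(upx_names))
    if UPX_MARKER in data:
        reasons.append("'UPX!' marker present")
    return bool(reasons), reasons


def build_minimal_pe(section_names, trailer=b""):
    """Constructed test input: a header-only PE32 with the given section names.

    Not loadable by Windows; just enough structure for pe_section_names().
    """
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt_size = 0xE0  # size of a PE32 optional header
    # Machine=i386, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics (EXE, 32-bit).
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_size, 0x102)
    opt = struct.pack("<H", 0x10B) + b"\0" * (opt_size - 2)  # PE32 magic, rest zeroed
    sections = b"".join(name.ljust(8, b"\0") + b"\0" * 32 for name in section_names)
    return dos + b"PE\0\0" + file_hdr + opt + sections + trailer


if __name__ == "__main__":
    packed = build_minimal_pe([b"UPX0", b"UPX1", b".rsrc"], trailer=b"UPX!")
    renamed = build_minimal_pe([b".text", b".data"], trailer=b"UPX!")
    plain = build_minimal_pe([b".text", b".data"])
    for label, image in (("stock UPX", packed), ("renamed sections", renamed), ("unpacked", plain)):
        print(label, looks_upx_packed(image))
```

Against a real file, read it with `open(path, "rb").read()` and pass the bytes to `looks_upx_packed`; a hit on the marker with no UPX section names is the usual fingerprint of a modified build that `upx -d` will refuse to unpack.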
