531313033fdb71c44c0791f56679e55c36f06fa6250f90f68ebaf42e7a2a044b

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

5f614b3d2a...18.exe

windows7-x64

5f614b3d2a...18.exe

windows10-2004-x64

$PLUGINSDI...in.dll

windows7-x64

$PLUGINSDI...in.dll

windows10-2004-x64

$PLUGINSDI...rt.dll

windows7-x64

$PLUGINSDI...rt.dll

windows10-2004-x64

$PLUGINSDIR/Base.dll

windows7-x64

$PLUGINSDIR/Base.dll

windows10-2004-x64

$PLUGINSDI...er.dll

windows7-x64

$PLUGINSDI...er.dll

windows10-2004-x64

$PLUGINSDI...ol.dll

windows7-x64

$PLUGINSDI...ol.dll

windows10-2004-x64

$PLUGINSDI...rt.dll

windows7-x64

$PLUGINSDI...rt.dll

windows10-2004-x64

$PLUGINSDI...em.dll

windows7-x64

$PLUGINSDI...em.dll

windows10-2004-x64

$PLUGINSDIR/Utils.dll

windows7-x64

$PLUGINSDIR/Utils.dll

windows10-2004-x64

$PLUGINSDI...00.dll

windows7-x64

$PLUGINSDI...00.dll

windows10-2004-x64

$PLUGINSDI...00.dll

windows7-x64

$PLUGINSDI...00.dll

windows10-2004-x64

$_15_/Baid...ce.dll

windows7-x64

$_15_/Baid...ce.dll

windows10-2004-x64

$_15_/Baid...ll.dll

windows7-x64

$_15_/Baid...ll.dll

windows10-2004-x64

$_15_/Baid...ot.exe

windows7-x64

$_15_/Baid...ot.exe

windows10-2004-x64

BDDocker.dll

windows7-x64

BDDocker.dll

windows10-2004-x64

BDDocker.exe

windows7-x64

BDDocker.exe

windows10-2004-x64

Analysis

max time kernel
120s
max time network
122s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
20/07/2024, 06:29

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5f614b3d2a686b4995c38b91324d8fdb_JaffaCakes118.exe

Resource

win7-20240708-en

windows7-x64

19 signatures

150 seconds

Behavioral task

behavioral2

Sample

5f614b3d2a686b4995c38b91324d8fdb_JaffaCakes118.exe

Resource

win10v2004-20240709-en

bootkit discovery persistence

windows10-2004-x64

20 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/BDMSkin.dll

Resource

win7-20240708-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/BDMSkin.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/BaiduReport.dll

Resource

win7-20240705-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/BaiduReport.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral7

Sample

$PLUGINSDIR/Base.dll

Resource

win7-20240704-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

$PLUGINSDIR/Base.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral9

Sample

$PLUGINSDIR/InstallHelper.dll

Resource

win7-20240708-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

$PLUGINSDIR/InstallHelper.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral11

Sample

$PLUGINSDIR/Protocol.dll

Resource

win7-20240708-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

$PLUGINSDIR/Protocol.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral13

Sample

$PLUGINSDIR/Report.dll

Resource

win7-20240708-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

$PLUGINSDIR/Report.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240704-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral16

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral17

Sample

$PLUGINSDIR/Utils.dll

Resource

win7-20240705-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral18

Sample

$PLUGINSDIR/Utils.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral19

Sample

$PLUGINSDIR/msvcp100.dll

Resource

win7-20240704-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral20

Sample

$PLUGINSDIR/msvcp100.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral21

Sample

$PLUGINSDIR/msvcr100.dll

Resource

win7-20240708-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral22

Sample

$PLUGINSDIR/msvcr100.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral23

Sample

$_15_/Baidu/Baidu/plugin/extends/game/1.0.0.3/JoystickService.dll

Resource

win7-20240705-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral24

Sample

$_15_/Baidu/Baidu/plugin/extends/game/1.0.0.3/JoystickService.dll

Resource

win10v2004-20240704-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

$_15_/Baidu/Baidu/plugin/extends/jietu/2.101.0.65/jietuDll.dll

Resource

win7-20240708-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

$_15_/Baidu/Baidu/plugin/extends/jietu/2.101.0.65/jietuDll.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

$_15_/Baidu/Baidu/plugin/extends/jietu/2.101.0.65/screensnapshot.exe

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

$_15_/Baidu/Baidu/plugin/extends/jietu/2.101.0.65/screensnapshot.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

BDDocker.dll

Resource

win7-20240704-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral30

Sample

BDDocker.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral31

Sample

BDDocker.exe

Resource

win7-20240704-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral32

Sample

BDDocker.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

3 signatures

150 seconds

Report Analysis Logs

General

Target

$_15_/Baidu/Baidu/plugin/extends/jietu/2.101.0.65/screensnapshot.exe
Size

846KB
MD5

0d6565a576325305206d93f153ad908a
SHA1

423c5f1bd4cd137dd78015bd8bfa038c04011878
SHA256

57ae5705db88a7bb6e8dd99c5d788b43d384b7759b6da206f292f71d81aece74
SHA512

947f5633e49f7f0a6cba97c8caf0de2d820613f1de20faf7ca295e0089b23ac663f74610d5395281d200b1a98623dbf72e552c2c7e7540dcc0b84c1cb6b36617
SSDEEP

12288:s8YZO9vzsHTfjnqJp0BJ1lJJgeUoMXay9a0DFsNXM77WSjKR1t0+zXZMOQqFTRjz:sDJ6eXMqy9aSsNOySjKRZeOQ02PE

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\$_15_\Baidu\Baidu\plugin\extends\jietu\2.101.0.65\screensnapshot.exe
"C:\Users\Admin\AppData\Local\Temp\$_15_\Baidu\Baidu\plugin\extends\jietu\2.101.0.65\screensnapshot.exe"
1⤵
PID:2528

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads