General

  • Target

    61901604ebf438822f721a051bdf4f53_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240721-1v6gbswhmd

  • MD5

    61901604ebf438822f721a051bdf4f53

  • SHA1

    e7a3fe6b12a188d8f352a259e1a7a78310cc3460

  • SHA256

    a4e10fe06bb5202f8b07f3264adf23bd3d3825e214fef6b096adbe5d6a530e91

  • SHA512

    fb0ea549b0f2101954b1247bec2ad74ffa2c67bafeb7973746e342be0cdc3090e1ade6722ca577a574223e304076ba488a0e10f537673613e7c843a02b21a484

  • SSDEEP

    24576:nMM7up2lA3/eU93w26xznXN0fyaU3iPeuBqpwiwuNPITldbWn1mBbeIk:MklGWUFw5DN0bGuUp0u2Jw1mBbeIk

Score
7/10

Targets

    • Target

      61901604ebf438822f721a051bdf4f53_JaffaCakes118

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      $PLUGINSDIR/Banner.dll

    • Size

      4KB

    • MD5

      258dd27107feabb1969908a9387a79d7

    • SHA1

      80f85b610e57d6ab07988cdae60c83300bef6a8f

    • SHA256

      f4fc1344c32ad1c075067c6abfd168a1815dbc6f97103e83e7e8e708230889d2

    • SHA512

      e2df96efab3ea794e75b6a3c9038601c7abd956b41fbbcc4fb60013e0d319d9978f539dc0f944778d05d2e384192d918e06dce8bf76f355d0cbfd142313b9a2b

    Score
    1/10
    • Target

      $TEMPLATES/Setup.txt

    • Size

      1.1MB

    • MD5

      357a8dd0433cde3759f13b42f493c4e0

    • SHA1

      2ba4a971e1d398589233e770030581a9767d4240

    • SHA256

      2b4aa368f9b1363aa19b9de02f1b41fabde07d2359014eb456746cd7d66aba2c

    • SHA512

      ce0432ce668dc60841832b0c14babd4e77a055709d9e0d027a51c2c6b500d99348f71d9aea2f1846781623289845a6690c037b8a1a40da97402f34651ba86488

    • SSDEEP

      24576:FN605Kioe+2CrVFJwQmel0xeSadHsrRbnJ7ZGNTgDVwy4uY11jKRJ8f:fVXQmeD5dHMjJ7MgDVN8KRJw

    Score
    7/10
    • Loads dropped DLL

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      15KB

    • MD5

      9a886711c559308c39c01c20e9d9a1e3

    • SHA1

      0f27cf1cf6e4960e140651b68d72ed4b92c58e9e

    • SHA256

      98be8860d38ad9cf31b55a1a04594de59eabad67510ba2a33ed20a80863ddfa4

    • SHA512

      4dabdd9ea7a8330a367589a3975a9dc7286b82c66efc7db118b4d7a2db08a467851c6d3dc991668e13c4dd5473aa974e9696a2226039db94df8b198da54354a3

    • SSDEEP

      192:3+8EHhdmwZYQBjHUEuX0esaONOs6zrMQQwoJwjwE6g//6IF7cBMEha:3qzBFHUENesmPdQwxj6g//QBMEh

    Score
    3/10
    • Target

      KKjie.exe

    • Size

      181KB

    • MD5

      67e89640d9ed9f8c7bc8a219e42a033f

    • SHA1

      d2e5402fca8646e7b09a26e2866c0ab013c113f7

    • SHA256

      d41dbe9ba5366a7701d9b45ab18a993476eedf34775e47a34fcc52f7ce690a3e

    • SHA512

      c4833e39457540e18c25320c12148c2532f685d706eace42f04838f815c210fa7428ce90cf64397d5e7fb9939e91e1af400db6bc46138b979e06cb139627fe92

    • SSDEEP

      3072:iZMJnTeM4cJJliRR7mH4QvaNCj3Vf7pfTLR/bNTubouYKux+PlXEcWxGAc+KTWYu:6eTeM/cRcH4QiNCjl75d1ubAV8ZWFcLM

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      $EXEDIR/KKjie_safe.exe

    • Size

      377KB

    • MD5

      ac68dffc261c8625c5f2a94364ca10c9

    • SHA1

      d5873084dcf4a74631c9abe82f1afc3ba1216464

    • SHA256

      16694059e7073810021960bb709f814f42490a5219f7970fa201b3d8ef259db7

    • SHA512

      d7ab568b6906d6d0ff924da59983cb8def9cfbb76ed93371e815c26f2f59f3a33edef0e65419bdaee02bcf85efc7a5b856949de5c26afab689aeada50a705b59

    • SSDEEP

      6144:5wtFT4b6lH3XgRZD8A9TokLzgfrkrEHydPl/+xsXsTRztNf3js:YF88H3XgRZ3dz00d9/+xIs9js

    Score
    1/10
    • Target

      $PLUGINSDIR/Banner.dll

    • Size

      4KB

    • MD5

      258dd27107feabb1969908a9387a79d7

    • SHA1

      80f85b610e57d6ab07988cdae60c83300bef6a8f

    • SHA256

      f4fc1344c32ad1c075067c6abfd168a1815dbc6f97103e83e7e8e708230889d2

    • SHA512

      e2df96efab3ea794e75b6a3c9038601c7abd956b41fbbcc4fb60013e0d319d9978f539dc0f944778d05d2e384192d918e06dce8bf76f355d0cbfd142313b9a2b

    Score
    1/10
    • Target

      $PLUGINSDIR/FindProcDLL.dll

    • Size

      3KB

    • MD5

      8614c450637267afacad1645e23ba24a

    • SHA1

      e7b7b09b5bbc13e910aa36316d9cc5fc5d4dcdc2

    • SHA256

      0fa04f06a6de18d316832086891e9c23ae606d7784d5d5676385839b21ca2758

    • SHA512

      af46cd679097584ff9a1d894a729b6397f4b3af17dff3e6f07bef257bc7e48ffa341d82daf298616cd5df1450fc5ab7435cacb70f27302b6db193f01a9f8391b

    Score
    3/10
    • Target

      KKjie_safe.exe

    • Size

      377KB

    • MD5

      ac68dffc261c8625c5f2a94364ca10c9

    • SHA1

      d5873084dcf4a74631c9abe82f1afc3ba1216464

    • SHA256

      16694059e7073810021960bb709f814f42490a5219f7970fa201b3d8ef259db7

    • SHA512

      d7ab568b6906d6d0ff924da59983cb8def9cfbb76ed93371e815c26f2f59f3a33edef0e65419bdaee02bcf85efc7a5b856949de5c26afab689aeada50a705b59

    • SSDEEP

      6144:5wtFT4b6lH3XgRZD8A9TokLzgfrkrEHydPl/+xsXsTRztNf3js:YF88H3XgRZ3dz00d9/+xIs9js

    Score
    1/10
    • Target

      KKjie_safe.hlp

    • Size

      33KB

    • MD5

      3c57fe4b35cf0a9685559c3e42911dfe

    • SHA1

      d107f41998c12832f04bd4a5f92e7a311b604048

    • SHA256

      d43f05f0bb99779a01ad4abf7260cda15da68592fae6a6176137b81529409bdc

    • SHA512

      86c857052b915b112f85525572ba8ce072b6565f7c032282b91d85e7d76a7742d9c5e2b00ee1620868e69dda985aefa80f48e1cd902b129bd26abead91e10d71

    • SSDEEP

      768:ChLHItpz2fjAxFfNPoVLTxUaW5enNDoisBW:CJIXy8xFfNPoVL15RNDbs

    Score
    1/10
    • Target

      languages/Chinese.lang

    • Size

      52KB

    • MD5

      c373c9337b2db700fe19c1b27564db74

    • SHA1

      2d6b681fdace3f06d003f814521662f0aa4d075a

    • SHA256

      ed100eb75601a8d6afce0dea67ab0fb9fa9fb49beb1966097dc66d15670f1e9c

    • SHA512

      5073b7e1acdb96a5f96f96bf7b4cbe940310ea3c8040b4f7feb662dd97d66b675f791d714fc117e21de82ad1a3926d7f98720140ad775f772c8f6dcf297adffb

    • SSDEEP

      768:E2XiSC1i3Dkku0sTfsNV1Fw6Vtf+EBAex8OMRm:Br7/vsTfsNFN8OIm

    Score
    1/10
    • Target

      xiezai.exe

    • Size

      40KB

    • MD5

      1896b0d7caae95ccffc41e8fab6ae088

    • SHA1

      44850e98a146be40086eed7aa71b352b2f67354d

    • SHA256

      8f797add4e857820016f6fff5b8d99d6b95a48ce6225a963a7dcbaa5fd3bf0e4

    • SHA512

      c543cfe89a02379758d524fa24b846b55435414484c037a3291dc8850ef88881eae59569ed94b40df838bb5adb7676cc46b39a71e455e2f5a1d35bc5fa8e3de2

    • SSDEEP

      768:3PH4rKS4GDkQBZ3ImWlTtEIRlJ+qFZ2bSgJzANqM3wJJNnRvOX+C/////2XRL:3f4exGDkeZ4mOoSgJEAJJhod/////2Xh

    Score
    7/10
    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      $PLUGINSDIR/FindProcDLL.dll

    • Size

      3KB

    • MD5

      8614c450637267afacad1645e23ba24a

    • SHA1

      e7b7b09b5bbc13e910aa36316d9cc5fc5d4dcdc2

    • SHA256

      0fa04f06a6de18d316832086891e9c23ae606d7784d5d5676385839b21ca2758

    • SHA512

      af46cd679097584ff9a1d894a729b6397f4b3af17dff3e6f07bef257bc7e48ffa341d82daf298616cd5df1450fc5ab7435cacb70f27302b6db193f01a9f8391b

    Score
    3/10
    • Target

      $TEMPLATES/installstat.exe

    • Size

      44KB

    • MD5

      7c30927884213f4fe91bbe90b591b762

    • SHA1

      65693828963f6b6a5cbea4c9e595e06f85490f6f

    • SHA256

      9032757cabb19a10e97e158810f885a015f3dcd5ba3da44c795d999ea90f8994

    • SHA512

      8aadb5fd3750ab0c036c7b8d2c775e42688265b00fe75b43a6addaefc7ee20d9fa3f074dd7943570c8519943011eda08216e90551b6d6a782b9ed5ce20aa6bab

    • SSDEEP

      384:H+HHi0nKwn0RDbwemPK7BywsgtDgHJR0bA6VWqaCL6VuhV5bIle+vEv5aY3uBRgl:en1nKwn0ZFmKApg7AqaCL6Y16Ha5/uO

    Score
    1/10
    • Target

      $TEMPLATES/redalert3.txt

    • Size

      49KB

    • MD5

      9a0d407e720246d6a48ef7cc369c49ef

    • SHA1

      cd7e422b3130298e2075838a7ccdd6eaedd2ca1f

    • SHA256

      5cd375441e87c3e728694fa7d956fedde62e5bc537e4c615a60107902f5fe58e

    • SHA512

      b70d8068a69b54dfe598852178d3c88b71a5d445108d5aab0a1f068dda58b71906740a838a1497fae543c8bf276812164f50b0103a5828b9cc278c9d6e94d215

    • SSDEEP

      768:2hMZ0dF4ZFvQbn+eePu3cIQGCGbiC4k42M3wJJEX7NQz2r0/djiJXj+Jp:2yZMSZFvknTePMZd4k4kJJELR6dkG

    Score
    7/10
    • Loads dropped DLL

    • Target

      $PLUGINSDIR/System.dll

    • Size

      10KB

    • MD5

      2b54369538b0fb45e1bb9f49f71ce2db

    • SHA1

      c20df42fda5854329e23826ba8f2015f506f7b92

    • SHA256

      761dcdf12f41d119f49dbdca9bcab3928bbdfd8edd67e314d54689811f9d3e2f

    • SHA512

      25e4898e3c082632dfd493756c4cc017decbef43ffa0b68f36d037841a33f2a1721f30314a85597ac30c7ecc99b7257ea43f3a903744179578a9c65fcf57a8b7

    • SSDEEP

      192:ibEOXfXZQ6i1AZ2q6grklcm/iaULQAos:ib/41AZN6uklckLUJo

    Score
    3/10
