Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

615de605e4...18.exe

windows7-x64

3

615de605e4...18.exe

windows10-2004-x64

3

$0/basicscan.dll

windows7-x64

1

$0/basicscan.dll

windows10-2004-x64

10

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    615de605e43071bd2e199fade1cdad8e_JaffaCakes118

  • Size

    402KB

  • Sample

    240721-zrd28swhjk

  • MD5

    615de605e43071bd2e199fade1cdad8e

  • SHA1

    0e0bed0519425d8ae82ada5803aa8ada27c85b94

  • SHA256

    357b2af5bed1548785299e1c280b63eb659c87cb82059de14f52a6248ec38d28

  • SHA512

    82ba5cf5812f3b9145f160286fcfb602722fc76954bd8f010bb19d6ae45ba0dba6ae9eda6b4ac037a5d567dcd6bf9bfa83aab05ef17ce69717cbc9b4c6e60bac

  • SSDEEP

    12288:p23PR92qcEDt+o3uWdPQWk4ab/jzcZGhghPWBRZ1+:pwnFcEDwo3b9yTEGhgZWBRi

Score
10/10

Malware Config

Targets

    • Target

      615de605e43071bd2e199fade1cdad8e_JaffaCakes118

    • Size

      402KB

    • MD5

      615de605e43071bd2e199fade1cdad8e

    • SHA1

      0e0bed0519425d8ae82ada5803aa8ada27c85b94

    • SHA256

      357b2af5bed1548785299e1c280b63eb659c87cb82059de14f52a6248ec38d28

    • SHA512

      82ba5cf5812f3b9145f160286fcfb602722fc76954bd8f010bb19d6ae45ba0dba6ae9eda6b4ac037a5d567dcd6bf9bfa83aab05ef17ce69717cbc9b4c6e60bac

    • SSDEEP

      12288:p23PR92qcEDt+o3uWdPQWk4ab/jzcZGhghPWBRZ1+:pwnFcEDwo3b9yTEGhgZWBRi

    Score
    3/10
    behavioral1behavioral2

    • Target

      $0/basicscan.dll

    • Size

      347KB

    • MD5

      d11d335cd88a90c834aec9959253617e

    • SHA1

      7db3ec76993414dfa1946c882282471328da4326

    • SHA256

      74fc7303821137f8c2e72550d607a975f2b9b6918ee296f8e4ce6654957ff7c2

    • SHA512

      3ebc9543a649b362da3dca2efda54f9226feaba832a904f27e7052f6b9b45b2660a7c9b5bd284adf9abe15f841a60c20d8f7d66b2ba4cb26be50aa095d04f60f

    • SSDEEP

      6144:22K3ugvJMbuwWajWhS6IlDUuaCuF5wncPhKNoSco3CL1FerTnR7dY+4vk+ZATNpA:n9OOzjWhS6uwuaC+wnos5y1uTnV++m+0

    Score
    10/10

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    behavioral3behavioral4

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      13KB

    • MD5

      d765c492c21689e3d9d61634371fd861

    • SHA1

      ac200933671ae52c9d5544d0e2e8e9144d286c83

    • SHA256

      551e6042dd494ea01549555ffc194ab9729da09058ec714eb368dd06642c9bbc

    • SHA512

      9919a9e848c8f1e26c75d0d29207571e4b86a4140bd554743d2c1f8bd7f386fe4919345b163d89a5d907fb165e435ba0ac5f6b1101713636141f156a420e2e0f

    • SSDEEP

      192:9B6RvrfvOuJQDghBy/X7QKq3TLGciZJf0EzWzMnz6WoF1dBs:v6RrviWaX7eiZJ7nz6bB

    Score
    3/10
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks