General

  • Target

    6222d3d94338b5d96c6a853707cc7ef7_JaffaCakes118

  • Size

    2.1MB

  • Sample

    240722-a9yrxswcrq

  • MD5

    6222d3d94338b5d96c6a853707cc7ef7

  • SHA1

    824c1e5aa61bf770727cabb92e27cc1d80ad73e9

  • SHA256

    bb6281210e9380ebd38cb200e98368eb651fac0c9e177b2143db7f358c68d77e

  • SHA512

    869ae019fdf1775b2bc782a3da21fcd1c27bcf1db8d52c4a4430b88f7b2795a7b947e4014f35e833d67b6ca3486ee2480b7ce49565e442f100a94827f6f5e7ac

  • SSDEEP

    49152:8MTx1gla0NHKAyymG2oXuw86DpKWhxcOro/rAa0zL4tkZhVi:1Q7Pgpw8SKDOrarlsfZhVi

Malware Config

Targets

    • Target

      6222d3d94338b5d96c6a853707cc7ef7_JaffaCakes118

    • Size

      2.1MB

    • MD5

      6222d3d94338b5d96c6a853707cc7ef7

    • SHA1

      824c1e5aa61bf770727cabb92e27cc1d80ad73e9

    • SHA256

      bb6281210e9380ebd38cb200e98368eb651fac0c9e177b2143db7f358c68d77e

    • SHA512

      869ae019fdf1775b2bc782a3da21fcd1c27bcf1db8d52c4a4430b88f7b2795a7b947e4014f35e833d67b6ca3486ee2480b7ce49565e442f100a94827f6f5e7ac

    • SSDEEP

      49152:8MTx1gla0NHKAyymG2oXuw86DpKWhxcOro/rAa0zL4tkZhVi:1Q7Pgpw8SKDOrarlsfZhVi

    Score
    7/10
    • Loads dropped DLL

    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      a5f8399a743ab7f9c88c645c35b1ebb5

    • SHA1

      168f3c158913b0367bf79fa413357fbe97018191

    • SHA256

      dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9

    • SHA512

      824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977

    • SSDEEP

      192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    • Target

      $PLUGINSDIR/ics-generic-silent-us.exe

    • Size

      446KB

    • MD5

      1b545138bef8f589b16ebe6229aa31e6

    • SHA1

      21c2acd7747417669c90554ab5ad99104e66499c

    • SHA256

      db2160a2f1a513b317a9ed311814dd15e747ae9469ca43d5f61e60523e3750b2

    • SHA512

      06dd82e449c24b6965a53556f60c1fc47ecef38caa06c9390ef47c80ba29896ea8a2f020f5659b3f20f77bfd8b32a490d807cd4f9b57c7b17abfbb9e6b797645

    • SSDEEP

      6144:EszukHCALCsMLUoMM3JQDOwbCjJ3QNe6oSu18LItlnxtxN/CsOzk7R:nEKMLUoMRDOwC3QY78LmnxLNKsOzkV

    Score
    7/10
    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Target

      $PLUGINSDIR/CustomLicense.dll

    • Size

      3KB

    • MD5

      3c4c9b038c7eb5223691586a42415fef

    • SHA1

      53eb3587f5313f9aae5aea8b92f7ceb45db19fc6

    • SHA256

      60f9263a1693ae5a18523ee5d0f37e512882edaea2b84a028279d7fe5bb305ae

    • SHA512

      a07843d793811ca6ea9be734c458209a1bb224297743e23304f48b65f38ea9ae5a570f99b5c23642431ecb5cb30bcb43848bb92e6529395c232c63f641143250

    Score
    3/10
    • Target

      $PLUGINSDIR/GetVersion.dll

    • Size

      6KB

    • MD5

      5264f7d6d89d1dc04955cfb391798446

    • SHA1

      211d8d3e7c2b2f57f54a11cb8bc4fa536df08acc

    • SHA256

      7d76c7dd8f7cd5a87e0118dacb434db3971a049501e22a5f4b947154621ab3d4

    • SHA512

      80d27ee2f87e2822bd5c8c55cc3d1e49beebb86d8557c92b52b7cbea9f27882d80e59eefa25e414eecee268a9a6193b6b50b748de33c778b007cde24ef8bcfb7

    • SSDEEP

      96:E12Z84uiwpGTVTDSpaHYfniz0R3GhCvXY6Ix5vdR7pBi46AQ5Vu4:2STVTGwYhR3GhCvy5vH7pBi46AQ5Vu

    Score
    3/10
    • Target

      $PLUGINSDIR/KillProcDLL.dll

    • Size

      4KB

    • MD5

      99f345cf51b6c3c317d20a81acb11012

    • SHA1

      b3d0355f527c536ea14a8ff51741c8739d66f727

    • SHA256

      c2689ba1f66066afce85ca6457ecd36370be0fe351c58422e45efd0948655c93

    • SHA512

      937aa75be84a74f2be3b54dc80fac02c17dad1915d924ef82ab354d2a49bc773ee6d801203c52686113783a7c7ea0e8ed8e673ba696d6d3212f7006e291ed2ef

    Score
    3/10
    • Target

      $PLUGINSDIR/Math.dll

    • Size

      66KB

    • MD5

      b140459077c7c39be4bef249c2f84535

    • SHA1

      c56498241c2ddafb01961596da16d08d1b11cd35

    • SHA256

      0598f7d83db44929b7170c1285457b52b4281185f63ced102e709bf065f10d67

    • SHA512

      fbcb19a951d96a216d73b6b3e005338bbb6e11332c6cc8c3f179ccd420b4db0e5682dc4245bd120dcb67bc70960eab368e74c68c7c165a485a12a7d0d8a00328

    • SSDEEP

      1536:0P43WZ4Ql60gam+2MwRmPeqFVHbQH0ZZ1Iet:0wU609VMH0T/t

    Score
    3/10
    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      a5f8399a743ab7f9c88c645c35b1ebb5

    • SHA1

      168f3c158913b0367bf79fa413357fbe97018191

    • SHA256

      dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9

    • SHA512

      824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977

    • SSDEEP

      192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    • Target

      $PLUGINSDIR/inetc.dll

    • Size

      20KB

    • MD5

      2f94245152dbd233e248909f9c01c578

    • SHA1

      ab4e5879c001b36a2f9ff214946599fd015edda9

    • SHA256

      4c4d85eb9725fc7fade03467990e3dd9671c29a7870c97e69babc2cb3c9adef9

    • SHA512

      f92830de27d6663be5e0df9e32cd88732bc7ee93b14c1ded65258c325d22436400801aff1124f40400c6c3b3c16e71deb08436714716f3888d13a8a6b6a32231

    • SSDEEP

      384:vBCwUYeQ8geEQyhUtXlcgCHe8DSMk8/UhU7ya4L+0Ac9khYLMkIX0+GvRgbJ1:owUEpet1cgCHe8DNN/UhUua4L

    Score
    3/10
    • Target

      $PLUGINSDIR/linker.dll

    • Size

      6KB

    • MD5

      8450b29ee8d592c208ba1aaf6ee50267

    • SHA1

      75096da057bc85cef63bb0eec168652ea75cf618

    • SHA256

      53aa57e582dc56421c1191a0a9efac9c36960b903b7d825f3b9682605ec2b612

    • SHA512

      d23a3057053a1f36f5eb212ae0b09b9b0b41e50b8a6a20bbc46c12c51199ad0bca741bcce17534488158e8f2b9470dbdac2aa059688b7588a05778c40d461039

    • SSDEEP

      48:q/XgJspkvsIWyuS3fyVLkmqbIWXGuDNcGo+FLtLFSfrPIk2vIhll:4gJsFIWjS3qVomqIixo+9tLFUr4vMl

    Score
    3/10
    • Target

      $PLUGINSDIR/md5dll.dll

    • Size

      8KB

    • MD5

      a7d710e78711d5ab90e4792763241754

    • SHA1

      f31cecd926c5d497aba163a17b75975ec34beb13

    • SHA256

      9b05dd603f13c196f3f21c43f48834208fed2294f7090fcd1334931014611fb2

    • SHA512

      f0ca2d6f9a8aeac84ef8b051154a041adffc46e3e9aced142e9c7bf5f7272b047e1db421d38cb2d9182d7442bee3dd806618b019ec042a23ae0e71671d2943c0

    • SSDEEP

      96:YV2qpbvYSflug0Dvxn6GuKM9sh1gdrN9+oB7FT9WibOoBZcko5N/:Yt5lugRK8hlvbwkKV

    Score
    3/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      c10e04dd4ad4277d5adc951bb331c777

    • SHA1

      b1e30808198a3ae6d6d1cca62df8893dc2a7ad43

    • SHA256

      e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a

    • SHA512

      853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e

    • SSDEEP

      96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420

    Score
    3/10
    • Target

      $PLUGINSDIR/nsisunz.dll

    • Size

      40KB

    • MD5

      5f13dbc378792f23e598079fc1e4422b

    • SHA1

      5813c05802f15930aa860b8363af2b58426c8adf

    • SHA256

      6e87ecb7f62039fbb6e7676422d1a5e75a32b90dde6865dcb68ee658ba8df61d

    • SHA512

      9270635a5294482f49e0292e26d45dd103b85fe27dc163d44531b095c5f9dbde6b904adaf1a888ba3c112a094380394713c796f5195b2566a20f00b42b6578e5

    • SSDEEP

      384:KExN66Yf2xL5Q4IsjuUjUZfqRDpImexpf88FwHxXvjX3hwlHt6oIfESxSHoOO8n9:O2x64GcVpI3xC8ynToIf1SIOhW4

    Score
    3/10
    • Target

      $_121_/SearchToolbar.dll

    • Size

      264KB

    • MD5

      5ddb11ea4ae68dc90c4d3eb427c290d3

    • SHA1

      855fd8074c9033c1e96e32fedac938fb88e9cba8

    • SHA256

      193b2f27e5fdcd1c5a489ae0421e0105ec2255e800e448508fd54e44c3d2b54a

    • SHA512

      50f9f084930b6bca9f6bdb2c8304824c7d8b417ba12119cc99d5c96e3f7313878335354bb3cc32860c398ef512ba84db70e4c6d60c685556e778567c52b77212

    • SSDEEP

      6144:SEoLo0+YodgQx4edCEQjWNONnMSPKcY+KQ0CkkkkkkkkkkkFCkkkkkkkkkkkWCkc:TQv+xGjWNONnMavYskkkkkkkkkkkskkU

    Score
    6/10
    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

Score
7/10

behavioral2

Score
7/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

spyware, stealer
Score
7/10

behavioral8

spyware, stealer
Score
7/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

Score
3/10

behavioral14

Score
3/10

behavioral15

Score
3/10

behavioral16

Score
3/10

behavioral17

Score
3/10

behavioral18

Score
3/10

behavioral19

Score
3/10

behavioral20

Score
3/10

behavioral21

Score
3/10

behavioral22

Score
3/10

behavioral23

Score
3/10

behavioral24

Score
3/10

behavioral25

Score
3/10

behavioral26

Score
3/10

behavioral27

Score
3/10

behavioral28

Score
3/10

behavioral29

Score
3/10

behavioral30

Score
3/10

behavioral31

adware, stealer
Score
6/10

behavioral32

adware, stealer
Score
6/10