Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

HotelMIS_special.exe

windows7-x64

7

HotelMIS_special.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

ConfigServer.exe

windows7-x64

1

ConfigServer.exe

windows10-2004-x64

1

GuiTk115.dll

windows7-x64

3

GuiTk115.dll

windows10-2004-x64

3

MFC71.dll

windows7-x64

1

MFC71.dll

windows10-2004-x64

1

help.doc

windows7-x64

4

help.doc

windows10-2004-x64

1

hotelMIS.exe

windows7-x64

1

hotelMIS.exe

windows10-2004-x64

1

libmySQL.dll

windows7-x64

3

libmySQL.dll

windows10-2004-x64

3

license.rtf

windows7-x64

4

license.rtf

windows10-2004-x64

1

msvcp71.dll

windows7-x64

3

msvcp71.dll

windows10-2004-x64

3

msvcr71.dll

windows7-x64

3

msvcr71.dll

windows10-2004-x64

3

mysqld.exe

windows7-x64

1

mysqld.exe

windows10-2004-x64

1

share/char...s.html

ubuntu-18.04-amd64

1

share/char...s.html

debian-9-armhf

1

share/char...s.html

debian-9-mips

1

share/char...s.html

debian-9-mipsel

1

tmpl/ReportDay.xls

windows7-x64

1

tmpl/ReportDay.xls

windows10-2004-x64

1

tmpl/ReportSsy.xls

windows7-x64

1

tmpl/ReportSsy.xls

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    672e442c8f7cceeffbee90b67aa1c373_JaffaCakes118

  • Size

    4.4MB

  • Sample

    240723-mdqgws1bme

  • MD5

    672e442c8f7cceeffbee90b67aa1c373

  • SHA1

    668f9e69f5a4494bcd21ca40b1db199c2fc19a20

  • SHA256

    2c79bad3b5eaaee69ef3cf26335faae93945cfa5efa2a1bd27b6b8f6f69fedce

  • SHA512

    b2d0be9f155064d492af020e02f655f4e90c57ee5ab7990b0b7f87fdb4d06b2a6e8415273cb8945f2be5e62f6b48ad27a37e5f48d8d3852bfd7a96da92ffcb40

  • SSDEEP

    98304:SV6s6409lBgwbE7E/yStqCVj1QNc0pV389se4IV14h9/Hn:SgLLb6VCVR4c8s9LqhN

Score
7/10
aspackv2linux

Malware Config

Targets

    • Target

      HotelMIS_special.exe

    • Size

      4.4MB

    • MD5

      28c496e7858fe08d033471188758ae05

    • SHA1

      f9e2b499793571e63eeeda42fec5f35c29ac4d8e

    • SHA256

      6a6205ae89cf59a35824fe19cf0b43f040bcf17aa38cbea4667483eda5371f88

    • SHA512

      fa04faa33dedadd87846e907ae31f9b80d1fefd843373a9d1dce74ff33a1e9fb32c58f918dabfc718e80e5917122eed639a11971bb32e82fc81fae7871920c64

    • SSDEEP

      98304:Au7/6DqskEQHVuiI6u01OwmjeDc470I7iL4rSkzF7HBVroZSfvfmMluFIcQE/SiG:z/6mRNVuiubKDICSk9/tjlR3

    Score
    7/10

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      b18dfaded8f6d2380fdfd8f6b6969211

    • SHA1

      969fa0e906240ab1123254feeb833c275626cf76

    • SHA256

      747d0222b652dbfc85e0de4f8486473662d325a55e32c7eacb91e53e37ceba58

    • SHA512

      25fb09b8657997d31e61c908f1cd08357c1a1b68bbb1ba377e87b6a3eb347a2ef96c1a771b6c4332853abb33728c55c83efa73df5da03f3dfc132f8a69a2886c

    • SSDEEP

      192:66JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTLK72dwF7dBdcQOz:66JaVh4I5rpPbTL+BdhO

    Score
    3/10
    behavioral3behavioral4

    • Target

      ConfigServer.exe

    • Size

      56KB

    • MD5

      3f5999f8a29b813fc5343fb5243c4f3a

    • SHA1

      b097844ca32a6b5b521ce913ad71a8fad62bd241

    • SHA256

      36395b1939bd31158457f6b5db4ac0047653b98351bf07ba62569ba8ba3687a6

    • SHA512

      8dce8311349ca049ba3ddb53143d781ea146672023ecfdd10817ea305b5900e45e4a54337a85cef3628812870d121030fbc83cd9f6957de623a48de03b45a89e

    • SSDEEP

      768:Iey+GBjPJW413pAEAk7rQ6Qy0siFCvJ4V7wmdUm1a8kN+6:Ib60mBcMFCvJgZP1aX+6

    Score
    1/10
    behavioral5behavioral6

    • Target

      GuiTk115.dll

    • Size

      564KB

    • MD5

      0dc0916b0a6b0662eb09a1b49edd5c59

    • SHA1

      d734ac0265665a258423230421a155ff1c0c39fa

    • SHA256

      f9ae6c266b2031968e6a7bebbcb3fa955d9169e0a50047847426b040c2790b70

    • SHA512

      49034a2e9143eed9c547d409c8a581e28a298e511b78b02b5c3127834a6b903492e3125140258dfc033fb50140500b63ae7b36b4c4c263237b740257fa25738d

    • SSDEEP

      12288:H3GbT3oBp0TOW5BOGuIOcNxu4rZWaklsx2c5:HMoBpql5kGutcNxu4tWakRc5

    Score
    3/10
    behavioral7behavioral8

    • Target

      MFC71.dll

    • Size

      1.0MB

    • MD5

      f35a584e947a5b401feb0fe01db4a0d7

    • SHA1

      664dc99e78261a43d876311931694b6ef87cc8b9

    • SHA256

      4da5efdc46d126b45daeee8bc69c0ba2aa243589046b7dfd12a7e21b9bee6a32

    • SHA512

      b1ced222c3b7e63e22d093c8aa3467f5ea20312fe76a112baed7c63d238bbe8dee94dfe8f42474f7b1de7aa7acb8ba8e2b36fdd0a3cda83ee85ac9a34f859fa4

    • SSDEEP

      24576:Tnc0xa+xDaWhzSenZncQfT0ExftQqDEu:Tn7VxWWhzSenZncQLVxft5DEu

    Score
    1/10
    behavioral10behavioral9

    • Target

      help.doc

    • Size

      1.2MB

    • MD5

      3cacb1cf9365750d3eeca223208450db

    • SHA1

      09e9b663c7a6ef54d904aee438235ef0accd437a

    • SHA256

      0df33e798a43577224fad51b89829e3617ae38dbf50e287c629dc4a559d39604

    • SHA512

      4980ab3ab1c78ee64d164e7ce90a949856ce1b8ebba33120a2ef67d51b37e83a10648663455a249f6acd33d170a0c5d47ea23dff7b806679d306f3e8b470e434

    • SSDEEP

      24576:kyP1QpzHcCf/fklHWxL5V5cLS08e+wXoM7Qaa1KeW8pGAytns:kC12zH3fqHWhz5cLSs+Ebkaag4pGAy9s

    Score
    4/10
    behavioral11behavioral12

    • Target

      hotelMIS.exe

    • Size

      581KB

    • MD5

      2bd54cefa92e14d3749dfdecfba3a7c5

    • SHA1

      646250e7789d63530d87bcf4854002e9be3919b0

    • SHA256

      8663fb47b09c6cf2712ffb219be9a1f810ede0f9331d4157061ba2a9c5a9d86a

    • SHA512

      ecc132e539fc5c7d6858255b123d95261f316f7640372fd0ebfce83d44dfdc9850f490dc7bb8ab115d5d8c14b88432256262dfbae2894fb409fc38bf3c494872

    • SSDEEP

      12288:fVqkJBjMoi22lBqi9EuUuIiWDSxiQ1kPZbwbn:fPhMoL0ndHWEiQ1kPGb

    Score
    1/10
    behavioral13behavioral14

    • Target

      libmySQL.dll

    • Size

      499KB

    • MD5

      8a42e95b1543480e6e4dc64a94a21c08

    • SHA1

      194dba472b1e8d91cdadda5ddcdf36997f2db780

    • SHA256

      31b509c010a8e17adc889747d39fec65f7f2f398f49181c2b8d9151fc6268fc3

    • SHA512

      a79f3467cac53e358afa082db64674c9efe0f0bef721d34904a49f0fd72e86620ea18d5492903d43cceb74f6966e6e5aef12bac0453cf4e4444fe2869dbbcfeb

    • SSDEEP

      12288:WfIyD7+7K9TU8GpjjJZXLar/ysudF0vbXgVUe:WQyl9TU8MjD2jYwb+Ue

    Score
    3/10
    behavioral15behavioral16

    • Target

      license.rtf

    • Size

      55KB

    • MD5

      961ae0fb01407fc89aaa5bf634257616

    • SHA1

      e268e6cdecad3d181e3597907b98c77baa3a17da

    • SHA256

      c807466525f0cc5d203d902d63d6357f953d5bddcbbece4abac8f61a9427304d

    • SHA512

      ab105c3ca59e3c58c38144fde138c76fa28fd063f1da21cf89f068b7ba829437b3a1eb7e0badad8635c95a8165650e7212cb06482ceecf4afb262406980b8efe

    • SSDEEP

      384:nAl5XLig8T6v370++IqUSsTEmuyuu3Eh4lGf5sEGtBlAzP4GfGuLsj3muA:Y5Xh0+FqUDUh4cBeDlAzzuO

    Score
    4/10
    behavioral17behavioral18

    • Target

      msvcp71.dll

    • Size

      488KB

    • MD5

      561fa2abb31dfa8fab762145f81667c2

    • SHA1

      c8ccb04eedac821a13fae314a2435192860c72b8

    • SHA256

      df96156f6a548fd6fe5672918de5ae4509d3c810a57bffd2a91de45a3ed5b23b

    • SHA512

      7d960aa8e3cce22d63a6723d7f00c195de7de83b877eca126e339e2d8cc9859e813e05c5c0a5671a75bb717243e9295fd13e5e17d8c6660eb59f5baee63a7c43

    • SSDEEP

      12288:fJzxYPVsBnxO/R7krZhUgiW6QR7t5k3Ooc8iHkC2eq:fZxvBnxOJ7ki3Ooc8iHkC2e

    Score
    3/10
    behavioral19behavioral20

    • Target

      msvcr71.dll

    • Size

      340KB

    • MD5

      86f1895ae8c5e8b17d99ece768a70732

    • SHA1

      d5502a1d00787d68f548ddeebbde1eca5e2b38ca

    • SHA256

      8094af5ee310714caebccaeee7769ffb08048503ba478b879edfef5f1a24fefe

    • SHA512

      3b7ce2b67056b6e005472b73447d2226677a8cadae70428873f7efa5ed11a3b3dbf6b1a42c5b05b1f2b1d8e06ff50dfc6532f043af8452ed87687eefbf1791da

    • SSDEEP

      6144:OcV9z83OtqxnEYmt3NEnvfF+Tbmbw6An8FMciFMNrb3YgxxpbCAOxO2ElvlE:Ooz83OtIEzW+/m/AyF7bCrO/E

    Score
    3/10
    behavioral21behavioral22

    • Target

      mysqld.exe

    • Size

      3.4MB

    • MD5

      1c329f51288c6677ddbe927a0c5f7d96

    • SHA1

      a283a17db2ff55a250cb645e324a283119b9bd72

    • SHA256

      273e217c1982ea9e9e9ab5cbc0f596d598f669a366507d05e33db93ce6e9dec0

    • SHA512

      4bd93ac6742e6f8330df18c0e91dce198047e58621990fc0155ecb9930439bdac8d4ac10fd85603c4c722d9e71f0dba2ebe7eac7c9fea052c2b43024dd49150f

    • SSDEEP

      49152:dfgTBYdvYgmeFbSaEP3hto8tkjJJJRjNNNjjjvT8WSgHZRJTqmhfDgHcbn:dt2eAaEZto8tkjJJJRjNNNjjjnH1FhV

    Score
    1/10
    behavioral23behavioral24

    • Target

      share/charsets/languages.html

    • Size

      16KB

    • MD5

      97b0d2604b8c0163305cb86b6b8b9183

    • SHA1

      1b582f3f1226a00cdca3686f9f81ee8a042a934a

    • SHA256

      e50d69aaa716caa2a3a8df57073b0ca0a269155bd256f108fc7e483277109329

    • SHA512

      17dca7056ec66862ae65d49eb0908696de0e29db2720920bd64f06bdcdb0168eef6c9c349a0cbc8dcaf7508869b2a5be0cc3f607bb3f2bcc4cf18d7d38ca572b

    • SSDEEP

      384:8OkklooiYagqQEz7vyf/2h8JAcogGvoKkqfW7JMD4J3gRSOp:8zp4J3nOp

    Score
    1/10
    behavioral25behavioral26behavioral27behavioral28

    • Target

      tmpl/ReportDay.xlt

    • Size

      14KB

    • MD5

      134d0c274ea63981ca85339c2b034164

    • SHA1

      fe4737450b1fb809a2bbafb68386a5341303b537

    • SHA256

      34f926dea66e2e9c21d5d84fb70bd758a3be62ddc58f70570bf2e777577d70d3

    • SHA512

      7135d26b77e46abc5fe0b05fca7b9b623a4637fc07fa12588faeb55558c0b99851836082978a9f4456792b83ba59d1400690dba41700dea8ff5d798115948f84

    • SSDEEP

      192:KGLpRpRpRpRzwR2X8hhPPPPPPPPPPdVttk3Ig:zXXXXzwR283tk3Ig

    Score
    1/10
    behavioral29behavioral30

    • Target

      tmpl/ReportSsy.xlt

    • Size

      15KB

    • MD5

      82c37f2558d9474e2e3d3dbc2405b28c

    • SHA1

      0d8fe130b7ccc16acf8ceba677bab1265dce6cec

    • SHA256

      109dbb195f8c7f59591e2038d88b2cc09bc6dd9406d479f3294469278d206c5b

    • SHA512

      2a61435167a5f67d84d9627eb2fa7de338a1889256749be4f2c8a86451e3cebfa60d52d172c8b331633984855ce36a0921fb13cdc5b51eb64f72e9439a6c3910

    • SSDEEP

      192:2G8pWpWpWpWUse3pDR2M8hhPPPPPPPPPPgIs0U5OWu:oYYYYUsA1R23snOH

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks