Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

75ae56b379...18.exe

windows7-x64

7

75ae56b379...18.exe

windows10-2004-x64

7

"ElfBowlin...le.exe

windows7-x64

3

"ElfBowlin...le.exe

windows10-2004-x64

3

"aminstall.dll

windows7-x64

3

"aminstall.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    75ae56b379d6244f8b52d1fabc8ec2e8_JaffaCakes118

  • Size

    7.9MB

  • Sample

    240726-zphbwaxdle

  • MD5

    75ae56b379d6244f8b52d1fabc8ec2e8

  • SHA1

    ba0000b186ac6cb1921d3663c0dc96b73fc27665

  • SHA256

    d520316b0a826549ea56d37c6518ce869426b19e69541acbff157803c88a58c7

  • SHA512

    9682bb8634e9b4bd0f9ef65447d907fa825e57fe485926c7fb78fffd5b4510a8c90558c29d97c24ca977e7064a1ecb2ba62b60ac5d8e11732ab2e5c3e83b913d

  • SSDEEP

    196608:xo/owZET0hisUobMalDYj6Coej1WgpFps/XjMKT:2/owZETairobplDw/fhs/Xww

Score
7/10
discovery

Malware Config

Targets

    • Target

      75ae56b379d6244f8b52d1fabc8ec2e8_JaffaCakes118

    • Size

      7.9MB

    • MD5

      75ae56b379d6244f8b52d1fabc8ec2e8

    • SHA1

      ba0000b186ac6cb1921d3663c0dc96b73fc27665

    • SHA256

      d520316b0a826549ea56d37c6518ce869426b19e69541acbff157803c88a58c7

    • SHA512

      9682bb8634e9b4bd0f9ef65447d907fa825e57fe485926c7fb78fffd5b4510a8c90558c29d97c24ca977e7064a1ecb2ba62b60ac5d8e11732ab2e5c3e83b913d

    • SSDEEP

      196608:xo/owZET0hisUobMalDYj6Coej1WgpFps/XjMKT:2/owZETairobplDw/fhs/Xww

    Score
    7/10
    discovery

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      "ElfBowling_bocce_style.exe"

    • Size

      7.8MB

    • MD5

      caf206858790be625dc61c7dc8753de0

    • SHA1

      eae73ae3e927f5a14174998197d3291f4bdcd5b0

    • SHA256

      2b527692d3586acc5dab52923b766ea159657e3bdfc7a8e22687d133ce6edb05

    • SHA512

      68d60701a164326e24cfba42feabc3452f3cbab5e48477058703542646ce092b2968add64b69d6355c970042200d7cfd90dd6b63e8157f7a0e0b17ca06cbb51d

    • SSDEEP

      196608:f5dDwZ+rVtmb2vH+qe745L8qHb9WEwegNO7XTuY:hdDwZ+rzmb0H+374BwV1O7XyY

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      "aminstall.dll"

    • Size

      76KB

    • MD5

      40f396e59502dfd850afb1ab4223aa6c

    • SHA1

      bfa196250b6d3434bb86d80d1c62a1d42b309270

    • SHA256

      049ebb29e03d704780f8e588ae2bccc4b074b29bd1e57e182149779257b2e4d6

    • SHA512

      8b8245dd4a97248e899ddee9ec22692dd7bde9ee4dcf299c4e3bdcdc416a591f73b2c5c5ddd3da942c1fe8bc275713dc5942d1e4182ddf737f51463f1e7145cb

    • SSDEEP

      768:SNV5rhiqaZ1V7V5yytiCLqmfTKeqvi8NT7jypjGZ1wZgH1Y10BlnkE52zGnApuxM:Sf5hgVXyy1luTXyVMwW1NkEQGnAp1cS

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      12KB

    • MD5

      4c7d97d0786ff08b20d0e8315b5fc3cb

    • SHA1

      bb6f475e867b2bf55e4cd214bd4ef68e26d70f6c

    • SHA256

      75e20f4c5eb00e9e5cb610273023e9d2c36392fa3b664c264b736c7cc2d1ac84

    • SHA512

      f37093fd5cdda74d8f7376c60a05b442f884e9d370347c7c39d84eca88f23fbea6221da2e57197acd78c817a74703c49fb28b89d41c3e34817cc9301b0b6485a

    • SSDEEP

      192:6KdqJ4Bhf1mdCMI26t510swClJOeFIsm7F1QuPs:6KdE4zAddwR0swqOeFxu

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/StartMenu.dll

    • Size

      6KB

    • MD5

      388c408cff35a38d04e3cda18f63af07

    • SHA1

      9c2aa2ed8b526ace4267acbcf5648b2601019ac4

    • SHA256

      4f945ad53b7aa8ed516b2f58c2ed9f15c13bbdf0e489d71c7347b80583cee5fd

    • SHA512

      542292d61ff209f6c98c62ebad549024611a7d42fb951f8cc211b886f0d202d5e0da3b754c84c8a00043c748ed527351fc524357412cf88875e6bf729cbba46f

    • SSDEEP

      96:MFJsQxcnqakqeStS6+NMKQwECv0nGhFZxTxZ05hU/61:C9xcnqakCN+N9n0na1K5y61

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/System.dll

    • Size

      9KB

    • MD5

      e085476805e8f5ef1c7ed635c5309017

    • SHA1

      609e79fdc29d6dee40cc5dd333094db5f9f63eec

    • SHA256

      4eb689e2db8d683afcfffe6dee1985fbd458d2770093547331d563acece80c67

    • SHA512

      082932aea8d993de8ca1eeb60f7bb4e56cc7eab4a683c59822b2c544223febab5915bb2b7c2e2dad79472bbd8ad400770dd7c1f112cef24d18ebd0f1ad63fe9f

    • SSDEEP

      96:DomrrPB3x4gJcp7/qzt1SGr3DEkJjUFezthPhwrWNHRW5j5/Y0+YAZIhtyPEM75C:nnTEjwT3XgFshpwrlR5/7AZlTpVHlmV

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      Uninstall.exe

    • Size

      66KB

    • MD5

      9f6929b916db53a60f8abe4e4aa3616d

    • SHA1

      6769fd166236150dc42f963c59836ba157c3c267

    • SHA256

      50df1a1be3b535ab32f21542dba5dabd753347a742687fc7aaad9819b22fc8a3

    • SHA512

      d778c073418879459f8b0ee69b131aaa5a43d1a05e73740ed3113d42d89d87ba908e1ebbbd030e7fe1d14c9a1a7f17d61f97e75ac536fef05f8b7a2a50cb68e8

    • SSDEEP

      1536:9e0DnjRrJav2FnUIRr2vMYBJ5qAELVigm9YixHMbl0+v/5Qmdm:fD11a8YBJoAI0mpwOm

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral13behavioral14

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      12KB

    • MD5

      4c7d97d0786ff08b20d0e8315b5fc3cb

    • SHA1

      bb6f475e867b2bf55e4cd214bd4ef68e26d70f6c

    • SHA256

      75e20f4c5eb00e9e5cb610273023e9d2c36392fa3b664c264b736c7cc2d1ac84

    • SHA512

      f37093fd5cdda74d8f7376c60a05b442f884e9d370347c7c39d84eca88f23fbea6221da2e57197acd78c817a74703c49fb28b89d41c3e34817cc9301b0b6485a

    • SSDEEP

      192:6KdqJ4Bhf1mdCMI26t510swClJOeFIsm7F1QuPs:6KdE4zAddwR0swqOeFxu

    Score
    3/10
    discovery
    behavioral15behavioral16

MITRE ATT&CK Enterprise v15

Tasks