General

  • Target

    8dabaad433dbb2b516e75168ca970903_JaffaCakes118

  • Size

    7.1MB

  • Sample

    240812-g9hh9syglj

  • MD5

    8dabaad433dbb2b516e75168ca970903

  • SHA1

    4faeb166b07c6e81db33cfb978473d157e1a05c1

  • SHA256

    3dacbf49ecb37c75438c28e2762dbab36aba3e817bf7568767d2135f2800444b

  • SHA512

    ca7eb17717693b63007e218da7d6d3e51bbe3af79ff9e080b1cd5340a06137698601a26885d3843a8dd8c01fa0236892560403b9725927689c97d9956e990aa1

  • SSDEEP

    196608:kQqUejR4kJxjTbSYcOGn6/21XnyzGUQipup0:UjR4k/jT2DC2Ez1Qipb

Score
7/10

Malware Config

Targets

    • Target

      8dabaad433dbb2b516e75168ca970903_JaffaCakes118

    • Size

      7.1MB

    • MD5

      8dabaad433dbb2b516e75168ca970903

    • SHA1

      4faeb166b07c6e81db33cfb978473d157e1a05c1

    • SHA256

      3dacbf49ecb37c75438c28e2762dbab36aba3e817bf7568767d2135f2800444b

    • SHA512

      ca7eb17717693b63007e218da7d6d3e51bbe3af79ff9e080b1cd5340a06137698601a26885d3843a8dd8c01fa0236892560403b9725927689c97d9956e990aa1

    • SSDEEP

      196608:kQqUejR4kJxjTbSYcOGn6/21XnyzGUQipup0:UjR4k/jT2DC2Ez1Qipb

    Score
    7/10

    • Loads dropped DLL

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      325b008aec81e5aaa57096f05d4212b5

    • SHA1

      27a2d89747a20305b6518438eff5b9f57f7df5c3

    • SHA256

      c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    • SHA512

      18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

    • SSDEEP

      192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo

    Score
    3/10

    • Target

      $PLUGINSDIR/StartMenu.dll

    • Size

      7KB

    • MD5

      a4173b381625f9f12aadb4e1cdaefdb8

    • SHA1

      cf1680c2bc970d5675adbf5e89292a97e6724713

    • SHA256

      7755ff2707ca19344d489a5acec02d9e310425fa6e100d2f13025761676b875b

    • SHA512

      fcac79d42862da6bdd3ecad9d887a975cdff2301a8322f321be58f754a26b27077b452faa4751bbd09cd3371b4afce65255fbbb443e2c93dd2cba0ba652f4a82

    • SSDEEP

      96:2fiqP7bO2qHkAC40KhvSE+6nrxtMn0iGd88qRLqtJ1tbRhElfRx2:siqP7OHX1Q4xtcf8qo/ttgfRx2

    Score
    3/10

    • Target

      Alligator.k52

    • Size

      1.9MB

    • MD5

      e90731651f4cee68f4e80319953a83d1

    • SHA1

      5bc408c46e7a292d1423264d06eb389f0a7dcdae

    • SHA256

      cdd09b97328c10b8a78b285bb1c106e64ce5c13747ef8b11404fceafc872430a

    • SHA512

      70c4a2ffe93535cfc7f7818d2b5c010f3ea10ec49d7711e65032edeef1f8cfbdf588837033e202352f9626bf1592d98742e9eaf4eebec6dbbbc85ac1ec0480e2

    • SSDEEP

      49152:F30B6Qhgeg0XS7ezZ8ryop9/6qEfLZF17vV3Jpou:FEBthE2RzirTC1fLX1B4u

    Score
    3/10

    • Target

      BlackShark.k50

    • Size

      162KB

    • MD5

      5b518f989aaa855b60f9b1b6cf44211d

    • SHA1

      108e8acfb35797840a987bb8805f479bbdcfbe88

    • SHA256

      24a56e451776b0a3024388f52b139f660a244b03e80d2150dbe0ee423127c886

    • SHA512

      653d5ec317f3abe4e9f0e4516a13f394d1a70d67c5418f44c899e0d17ad1851192fdf25f46f121b2d626095b19bdd67f4f81c6ada42c4afe4ac7b1dd1b446dc4

    • SSDEEP

      3072:1uWgN4mJzcrpXVvjJm2HOMe0CS81vMXhfaDgK9gtB8x+12kiujvGdI:1uWgN4mJOR/mzMm5kRf1K9Dx+1Liuj

    Score
    3/10

    • Target

      Get your registration code.url

    • Size

      125B

    • MD5

      7d8a34b7180fbf0d60d3e95099980ebc

    • SHA1

      94315de23c1b8cbd855f473db1472764be65120d

    • SHA256

      014472847e1ad0f1fc0907774f102c4f66dbf505c7f9748d5f3b7a658e899252

    • SHA512

      d9c661f23125cc561b05d6c4e1fdca8e105345f71cc2b27015ce7f2ea8a3d76c2c984ef74f7954020f379767001b3f96f68886b4a91007a45816e88821a9507c

    Score
    1/10

    • Target

      MIG_29.dll

    • Size

      284KB

    • MD5

      823027d201e8320ba9ae20b5f3914dcc

    • SHA1

      afaf8db6bc1133581f720b9363d09dfd6f3727b4

    • SHA256

      e48a62466cf46065fe34d4fe08390f9db2058ae2461b78eae7e25a4f301d5fca

    • SHA512

      921d066a33174a9fca58b0d833195332146b79aee17ba7b7f925f4b33cbb2b70a9b5e0c241240085b64976009f3b38a1484c07c539681ded674e791fcd7c5f71

    • SSDEEP

      6144:8bhQcZEmUgvvHCWj57apJ2OT+f3fidbuQJbfAORqOK:CjZEiv1o2CwvidqQljqO

    Score
    3/10

    • Target

      MSORecovery.exe

    • Size

      2.7MB

    • MD5

      ee020c5725f349a34eac92982a65235b

    • SHA1

      a1270c2a0134e51a4b42cf4e5a8f5a94681beeba

    • SHA256

      6253ecdb4296b0c6da93e178f66542b795a64c2adfbff85a62b4580ae2df6a62

    • SHA512

      73284952f2b66e378b75261d1223bfde397636784f9f6ca4e7d3c2d31cc37bf1c6641dbbb26633b31c4a5074ff76c61cc9f3e8bcae794e65149ee3aa2a17098c

    • SSDEEP

      49152:KYLzFRQvCCBlwoY+17kYQstL8vnMn0z7OGIGG2G05HbN/kTpsc:KYLzFRSZlN10st6M05g10VbN/apv

    Score
    7/10

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Target

      Uninstall.exe

    • Size

      59KB

    • MD5

      973038639d770a979c786f86c71c2aa2

    • SHA1

      45cd5858255d414606760666b9344d95c0c2ead2

    • SHA256

      64326f62c4328392e52de8a675b2cbc0c7b10a7ba9cea03d829ed56f4b714e42

    • SHA512

      2b3bf405249abd930be9bbaf4ee56bd24510fe98927e24a4b17192859984fd12e89941f60e7b108e2806282771cc4d2c6ab3bdec97409c78b62fbf6631c23928

    • SSDEEP

      1536:2pgpHzb9dZVX9fHMvG0D3XJrgdLeAyN/QhV/l:cgXdZt9P6D3XJrceAXv/l

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      325b008aec81e5aaa57096f05d4212b5

    • SHA1

      27a2d89747a20305b6518438eff5b9f57f7df5c3

    • SHA256

      c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    • SHA512

      18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

    • SSDEEP

      192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo

    Score
    3/10

    • Target

      bs_load.di

    • Size

      466KB

    • MD5

      15abbe3c15e018da7ef56841af33cb74

    • SHA1

      7a91dca0f03b175929ded67625d79a5430c3ceff

    • SHA256

      c0980bfddf43bbd6df2441f2dfa46f98f04b7b4d0f4f079b60abaaa21a1ab3e0

    • SHA512

      c84e95cca9f8b901fe904937b70c23f7b86dc1037905d8bf0c6f8602a41abf4305bc1eb925447c1b74123d974b2f752eccfdd184ddf6cef6d7eb7194832d2ce1

    • SSDEEP

      12288:EBQstBghoWlHkXMzIuZFquh4cilkfiEW:8DYhoWlHml3u9iqf

    Score
    3/10

    • Target

      bs_wm.di

    • Size

      64KB

    • MD5

      1321edc324c693184631b27870745b75

    • SHA1

      aadda09fe92940aaac81c7733c3b636ea9592f34

    • SHA256

      c00718b18ed6d0ee5021ff1a35f164676385c5b23f40ae332af6ea7805af3a9a

    • SHA512

      5ce976ef98ee882f5dc2ae5366e5e08461ffa292b26bc1a24cf2bff52543f4ebd1eeaa3bf07616520d689d7b1afbdde6c3483ce9dfba59eb0ebaca3f170a9a4b

    • SSDEEP

      1536:sPheLWulsWgcovqchWxhOMyP6mJiSmX9DBZ/B:sQlsW5ov3hEhY6mJiSmX9DBJB

    Score
    3/10

    • Target

      gdiplus.dll

    • Size

      1.6MB

    • MD5

      d0aaae16ba162dd89d646887f1539855

    • SHA1

      0a222f319b7712b861ef6adf0c38cc2c5a2790fa

    • SHA256

      d84e7eb505adee8ea660f48c89705977f5eb33b7299d0bd981624e3ece320223

    • SHA512

      6d7cf7b3a1dc0560791bc3db4fc836ad0f58b8b531c593d96a37bb77afa3ab7dd6bd4d66a97e37cde3443078eb189609d8d36119198c60ce6b74c1a093000769

    • SSDEEP

      24576:i0CiGmsJ2LC4jJmNwP+6fBUAK8C0m1DQucWM9nul/SuyZfWPP90bTv6:i0K2L1Pjf2AKWmFcLulMZ9H

    Score
    3/10

    • Target

      t34.dll

    • Size

      44KB

    • MD5

      bed53822767514451e6430f29caa4984

    • SHA1

      d904a51dc5c17ac314ca65acadb3a019e579dfa9

    • SHA256

      78b4a37f0b85d645c0cd605622da1b864eda828bffa6456b4072208cc7ffaa0f

    • SHA512

      4e90556cf90e6760c7698c80097202f6b4181ecab86331374bdd83a076152e24b495e8763696a2e6c5ab6b5f31192a6ac2353469c858686c57a0453b0833f3cb

    • SSDEEP

      768:SqNustuFL5Z2pRLexw57kyALAIED8F3DK:SqN1tuPZ2pRLN5/cuD8dDK

    Score
    3/10

    • Target

      wab_recovery.exe

    • Size

      2.5MB

    • MD5

      fb7d7957793ceb0696da272e4af488ca

    • SHA1

      ef1b6259484398e0f32b19bbdcf4f6b15641f6b5

    • SHA256

      774d28cf0489395844f63ed589e870fa1d1f1cc696914b9a097e86f6deeb531c

    • SHA512

      7f5fb9a886773f06143663810beaa41d59f53547dc1a3341c511aba8a2d399356aa4be9fc918b5caadfffe8bb5c4fa5a83569385b3f41f876bddb1d82667408e

    • SSDEEP

      49152:noRUDfoWgwPhngL28E0IJQ98rVFSH47CIiQL9YlX9:noRAQWgwPhnKtIJjrBDt9YlX9

    Score
    6/10

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discovery
Score
7/10

behavioral2

discovery
Score
7/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

Score
1/10

behavioral10

discovery
Score
3/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

discovery
Score
3/10

behavioral14

discovery
Score
3/10

behavioral15

discovery
Score
7/10

behavioral16

discovery
Score
7/10

behavioral17

discovery
Score
7/10

behavioral18

discovery
Score
7/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10

behavioral23

discovery
Score
3/10

behavioral24

discovery
Score
3/10

behavioral25

discovery
Score
3/10

behavioral26

discovery
Score
3/10

behavioral27

discovery
Score
3/10

behavioral28

discovery
Score
3/10

behavioral29

discovery
Score
6/10

behavioral30

discovery
Score
6/10