General

  • Target: 94b0815466932f60d4276ab68f040c8a_JaffaCakes118
  • Size: 2.3MB
  • Sample: 240813-zn2zwswamb
  • MD5: 94b0815466932f60d4276ab68f040c8a
  • SHA1: 742649cf6a4da6eb4d23ebce19018b7e564b4f85
  • SHA256: dc5328c987a32c4618929b3721d4d546e74d15b5e1c77ceef23a8bd04a8fa912
  • SHA512: 11c3bc0d0b074f1b6c0d50dc48b148e4bd00c51499ad7759f9a8fe73568254295b11c1d5d0abe76434926bbbcb7f33b6d0c7a0302e66a0abffc9c50b017eb532
  • SSDEEP: 49152:p2kVY9+dUZ35GbcDid1f1RC6gk2wjLIEuI9RD/e4VBDj/MU0MvAE:p2kVYawJucD0CJIIElBFL24

Score 7/10

Malware Config

Targets

    • Target: 94b0815466932f60d4276ab68f040c8a_JaffaCakes118
    • Size: 2.3MB
    • MD5: 94b0815466932f60d4276ab68f040c8a
    • SHA1: 742649cf6a4da6eb4d23ebce19018b7e564b4f85
    • SHA256: dc5328c987a32c4618929b3721d4d546e74d15b5e1c77ceef23a8bd04a8fa912
    • SHA512: 11c3bc0d0b074f1b6c0d50dc48b148e4bd00c51499ad7759f9a8fe73568254295b11c1d5d0abe76434926bbbcb7f33b6d0c7a0302e66a0abffc9c50b017eb532
    • SSDEEP: 49152:p2kVY9+dUZ35GbcDid1f1RC6gk2wjLIEuI9RD/e4VBDj/MU0MvAE:p2kVYawJucD0CJIIElBFL24

    Score 7/10
    • Loads dropped DLL

    • Target: $PLUGINSDIR/FindProcDLL.dll
    • Size: 31KB
    • MD5: 83cd62eab980e3d64c131799608c8371
    • SHA1: 5b57a6842a154997e31fab573c5754b358f5dd1c
    • SHA256: a6122e80f1c51dc72770b4f56c7c482f7a9571143fbf83b19c4d141d0cb19294
    • SHA512: 91cfbcc125600ec341f5571dcf1e4a814cf7673f82cf42f32155bd54791bbf32619f2bb14ae871d7996e9ddecdfcc5db40caa0979d6dfba3e73cfe8e69c163c9
    • SSDEEP: 384:1NWlNdqdAnhTKMLE2oIM05fnqCiWg3Yy9kflIinokN:1NWtqdihTKCldkYwkdpnoy

    Score 3/10
    • Target: $PLUGINSDIR/InstallOptions.dll
    • Size: 14KB
    • MD5: fa5beae80dba254fb6c21b58265f5310
    • SHA1: f2f776611dbbb157b151aa744a7e0be1d4b8c079
    • SHA256: 34b8a2130729064ca2f9b3b8e6f90d883d84662156b648a4eeccefefc3473269
    • SHA512: 7c74b9e9f1ff0665ffd6fcf76fca462d9f4fbd7c4a215bc67b419497ef4c3cb9cede6c5b0803cabb316bc5391c4c6f0d578d36e1094b8ed326b140f8e272b538
    • SSDEEP: 192:06JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTZK72dwF7dBdcQOz:06JaVh4I5rpPbTZ+BdhO

    Score 3/10
    • Target: $PLUGINSDIR/LangDLL.dll
    • Size: 5KB
    • MD5: 7eaad8c651cdeb4a71355b10dbe8d17b
    • SHA1: 1ef6cf4f98c7f20238e548dc6cdb270b741cfe8b
    • SHA256: fad96602241e65daeef96b559092e7efa2c3b68948a65f1bd7f126b9963df468
    • SHA512: 6f7867774bfd82b1d12d0db5479e9539440ebfc6fee54aafc4381edea8fdccb89a9521a60b5f907033c147c805e6f541ec534c56bfe5f7354c55ca04df5175b9
    • SSDEEP: 48:SnHsOVN7ZTPUptxEwvB3UAKxwLJXyTpXfaV4MOa1n8iwuf0//nDGkaEJPof5MKIM:Y7ZDGEQ3zLJX6d6pOun8iwY0//npEO

    Score 3/10
    • Target: $PLUGINSDIR/NSISdl.dll
    • Size: 14KB
    • MD5: 6b85b2ff78fe0e04b5f0d4e996f0d62e
    • SHA1: 4507dee0b963080cbd75c383fa4650c7b99907dc
    • SHA256: c7a033bb91be5487d93cc402d27e4e893ba39b37a121f60c9dbef5bdf02e52e7
    • SHA512: 84cbe4c2ecefd5eaa01ba5c1063056aed5f62a6ced32876c591bfb2bbe8688a020d02573a5f419cac2362579021fe2b4c6abf7e5d619de8178028db49d53e84b
    • SSDEEP: 192:I4lsN55M8r67wmsvJI5a299sfoG8I+WhPB3RY+h/G3DNl/qYcVp/12wgszA:IysdM80dCI5a2LsQ5IlPNRY00AlAMU

    Score 3/10
    • Target: $PLUGINSDIR/UAC.dll
    • Size: 17KB
    • MD5: 09caf01bc8d88eeb733abc161acff659
    • SHA1: b8c2126d641f88628c632dd2259686da3776a6da
    • SHA256: 3555afe95e8bb269240a21520361677b280562b802978fccfb27490c79b9a478
    • SHA512: ef1e8fc4fc8f5609483b2c459d00a47036699dfb70b6be6f10a30c5d2fc66bae174345bffa9a44abd9ca029e609ff834d701ff6a769cca09fe5562365d5010fa
    • SSDEEP: 384:w9JzaeWrF8d22hXAGFkr2WqErkuCYMAWS5Ns8AXXki:wLaBrrTXr3qruCYuS5qk

    Score 3/10
    • Target: $TEMP/Toolbar.exe
    • Size: 1.5MB
    • MD5: 3376e8753c6558dd32042132a0df1f9b
    • SHA1: f5a168d2ab5571f3bdbd22a0f56d5d5c04b73772
    • SHA256: dde7c5888ea15b4ae388ef659ea615fde140602cf77e68d88a5cee1c8104f65e
    • SHA512: d76d187df3a9fe902473cf4510d3c896cc8c02123bb4d50cbbaf86e9152a14e45566ba87567e4c3f0d2f91d3555fee3cfe5db63a04f1eca3600636c565bc9314
    • SSDEEP: 24576:maku/MDVYFk4J0ds+lGJFAxqRK43dAa1JGTwNp8I+Ii/MhnlA51YADVIxZCFWtvV:xkVVYOUYsgGbdrdAa1JGTgWIysAZIfCg

    Score 7/10
    • Executes dropped EXE
    • Loads dropped DLL
    • Drops file in System32 directory

    • Target: content/ctoolbar.js
    • Size: 1.4MB
    • MD5: 62f0c246f267128a37cda656c3eaa7ed
    • SHA1: 3a4e71a478a4ac7bfa5703022290ce149a00152c
    • SHA256: db0def8f0d18c20240ba12e5ee521b965e97c9da5d0b4a8d00e971f4fe3ac950
    • SHA512: eac4104247bf15cc01448eed46ed8a07268949aade7d2d7430c3444de02f89e1fa1ff21d14b6fb4bb5187c2c0db256f59c057c829cbdf641490a70237412c96c
    • SSDEEP: 12288:HGEZHO1EpRBZw+IMjgHsgRgMsoMocLS+6JaVXTMIrzVCM5v:PZHO1EpRZjgbRfs3ocO+6cTMIrzVRv

    Score 3/10
    • Target: components/ConduitAutoCompleteSearch.js
    • Size: 12KB
    • MD5: e0e9e9198ae40b8e6cfad7b3e2161607
    • SHA1: 2cf910c4c0aeefb02338e700b680047b76d96866
    • SHA256: 5071fe441676d6e9219655eda341fdb6ce6f4d69c30fc6650129ca8bd2d79789
    • SHA512: 0ba3666ea27a4f1dbd9e758f271cc9ec6956c7beacd76f4fb7d347b1a0091128fcb98761b12466dafd4a968925f460eb4f79bd309549b1aba7a7faa0929883b7
    • SSDEEP: 192:uk/M++iFddQBM8N3jvxpZ5HAwxkDxbUd0xT/ibv:ukEFiLdTOl5HAckDudh

    Score 3/10
    • Target: components/ConduitToolbar.js
    • Size: 3KB
    • MD5: 76df67a78a4d6e4e08d5bdac1a2a1ba7
    • SHA1: 2a9718f98dba5dfd23df2881986ef5f0907ab5cd
    • SHA256: dad87f2f88cf11ba9ae3cc394b56ab2942cbfa1e2b70135cdf71031d4b545902
    • SHA512: c4cffa2a864f0b15d9d772af9986a0b3644d60bc1738a8f210c303cdd7e0e8bd9fa8b41f1f29744c92df1d8562dd8bb5b976e8c0a96956d862b0ee364bde86b5

    Score 3/10
    • Target: components/FFExternalAlert.dll
    • Size: 51KB
    • MD5: d0a352aca3ad8730fe761238c3d58aec
    • SHA1: 1062b4d0e5b782d342ce914cc139645b9655a73b
    • SHA256: d7787b19504cca0064f689b0fe28f98aa3e8d63f0f7db5bbcfb2186673a4b746
    • SHA512: a9ede88c114cc520a291f401666960a37c4bd31d774272800121e3931cfff2b8ae72ca387f361438ba1fe423d69ea928e69280a5f872ac7cd529c3dc973d9e07
    • SSDEEP: 768:r6LJb2Im8e7+eV8J77AtaV2O2nn388ip0oaCoMCl5YRRG9s:r6p2ImiXcA2npKDRRG9

    Score 3/10
    • Target: components/npmozax.dll
    • Size: 112KB
    • MD5: bb2fd4632cbf410c584bab0be026b733
    • SHA1: da1433810446595bb38fdbc3a664ffb09e81d06c
    • SHA256: 1056248d3674adbc9e33e81f836a578b0e830c054da5a35723fe7072976c3ba6
    • SHA512: 541b333b24e5943ba7d8d5ca052b450138d51b915760dfa512e7403144738994995358ea0bc4304f7aa75e28b6a4a6cd04f608729d100bd6c5dce40f68d4a631
    • SSDEEP: 3072:fd8cpf3GOywbdopQzdglm4c0j9G9rAiYIH9Lf:fxe3wbdXdgRcoGpPjd

    Score 3/10
    • Target: components/nsAxSecurityPolicy.js
    • Size: 8KB
    • MD5: c982f14a117ca444fcd4e558684e72ad
    • SHA1: d349adb454d434939ad56937dfc6b77bc9bcd1b9
    • SHA256: fe1cf8b6c350ce8b890ab8aa1c2e8441dd9c672b43439e6241bd90b63bee3718
    • SHA512: 8ce89bcdd31f3b8c529a14255f69c684216eaab44987612b094f1a2c2fed94fd43877caad56fb082eabf1e2de20870b9e681e2f2b04baf55fae1fa847a95b560
    • SSDEEP: 96:8HeHqTzNT0oIOyYDVvJR0zrvwby0eNPNEla0cOnJujv/abPHJ1F9jYuOonoDZt9B:vH0zNT0KyYJKFSSaaml/KgXD4vb

    Score 3/10
    • Target: lib/xpcom.js
    • Size: 354KB
    • MD5: e5a3dd32ff8ccdbe510ebe44719828df
    • SHA1: 2f4e652d7e9c5952e4dc0d1ba6431468ab4c338a
    • SHA256: f9ab4a9ffe0d686be5de1e58da196052249abfc5d46d428603416af0d216cfbc
    • SHA512: 935fd30aec5afd828acc303658aa056c002c2cc26df863d753c1c0e9186b4d6695edd47de98ab848e9cb7a209f5fb6a106c88c0c5e1c56f61f3a65005ce4f4b4
    • SSDEEP: 6144:fu1sGt8AmtskG9pBTXgCHwwhdjYcK7/rny+UIuB:21sGt8AjW77y+UIuB

    Score 3/10

MITRE ATT&CK Enterprise v15

Tasks

  • static1: Score 3/10
  • behavioral1: discovery, Score 7/10
  • behavioral2: discovery, Score 7/10
  • behavioral3: discovery, Score 3/10
  • behavioral4: discovery, Score 3/10
  • behavioral5: discovery, Score 3/10
  • behavioral6: discovery, Score 3/10
  • behavioral7: discovery, Score 3/10
  • behavioral8: discovery, Score 3/10
  • behavioral9: discovery, Score 3/10
  • behavioral10: discovery, Score 3/10
  • behavioral11: discovery, Score 3/10
  • behavioral12: discovery, Score 3/10
  • behavioral13: discovery, Score 7/10
  • behavioral14: discovery, Score 7/10
  • behavioral15: execution, Score 3/10
  • behavioral16: execution, Score 3/10
  • behavioral17: execution, Score 3/10
  • behavioral18: execution, Score 3/10
  • behavioral19: execution, Score 3/10
  • behavioral20: execution, Score 3/10
  • behavioral21: discovery, Score 3/10
  • behavioral22: discovery, Score 3/10
  • behavioral23: discovery, Score 3/10
  • behavioral24: discovery, Score 3/10
  • behavioral25: execution, Score 3/10
  • behavioral26: execution, Score 3/10
  • behavioral27: execution, Score 3/10
  • behavioral28: execution, Score 3/10