General

  • Target: 959901e9b3c67ab6ce4cb9d39da0b0aa_JaffaCakes118
  • Size: 5.3MB
  • Sample: 240814-lw3phazhrl
  • MD5: 959901e9b3c67ab6ce4cb9d39da0b0aa
  • SHA1: 1dc11a749feeb978783b80285f11fdca297db0a0
  • SHA256: 20f8b45d691761fe77abc98d4cc177eeca5285508bede224998f238bf41a9f6d
  • SHA512: 9d6e12fc79a635e9d67df86164e0c28171aecefed33e3e80295670d2d7378512a257b09009105d7bf9962f17ebe0c8f6ebc194a258d4ecfe82a18dea10d74e4e
  • SSDEEP: 98304:jt76ZBFjJ7PMq/sgwrjZ20zYh7wGwgxclH+bKuuvv2U2jpQvfrm5MntI:B4l5h4k0zw77cVjuiJvzmStI

Targets

  • Target: 959901e9b3c67ab6ce4cb9d39da0b0aa_JaffaCakes118
    Size: 5.3MB
    MD5: 959901e9b3c67ab6ce4cb9d39da0b0aa
    SHA1: 1dc11a749feeb978783b80285f11fdca297db0a0
    SHA256: 20f8b45d691761fe77abc98d4cc177eeca5285508bede224998f238bf41a9f6d
    SHA512: 9d6e12fc79a635e9d67df86164e0c28171aecefed33e3e80295670d2d7378512a257b09009105d7bf9962f17ebe0c8f6ebc194a258d4ecfe82a18dea10d74e4e
    SSDEEP: 98304:jt76ZBFjJ7PMq/sgwrjZ20zYh7wGwgxclH+bKuuvv2U2jpQvfrm5MntI:B4l5h4k0zw77cVjuiJvzmStI
    Score: 3/10

  • Target: $PLUGINSDIR/InstallOptions.dll
    Size: 13KB
    MD5: 72862ffef9009b6fb8612da1ad0a5c6d
    SHA1: c11ac4e0ec4da3045bcd8f13a2f316091e44a960
    SHA256: 4d9256ed7156a541a336f44b9fac8ef9e5b5b787abbbc68297b455a79d2bfdbe
    SHA512: 796ba8d70c7373275b5e4ed0a5a1f91e0809b65e2a942c56cad9f7e941c62e24608c924c53a6fac4b1431cdcf24d9f8e15b8356dd085098706b16d947330bc40
    SSDEEP: 192:1znbcLwcLP4wuoId0pdafRbUjuNey3YG/1vpEcDFC1Ac1W:17bWLw3IsJojEey3YMpEcDF
    Score: 3/10

  • Target: Puzzle_Blast.exe
    Size: 652KB
    MD5: 64d84a33eff9d46427ee88c9ca88cd0b
    SHA1: 48701c679c39fde49dee30cd06d0131b284c1709
    SHA256: 09ecf29d7534a459a547a9eb811d73a7220751fc3756062a214359794de23ec6
    SHA512: 780234324d36abe8d2873bd73f08005f463934b626979de18e2e9e03dc0ae4bcf91cd7adeec0a7dfb4b00faf21bfb4f5494d62e7aed5737ee1a09cc504e1f2b8
    SSDEEP: 12288:s4K5IvIl1GxVghGNNFtAcQeNaFnyiUTfV6W9gPF2Gn:KkIli1Tt7NayiUTfv9gd2Gn
    Score: 7/10

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

  • Target: bass.dll
    Size: 96KB
    MD5: ee3757788eea4bd71e7779b497a30672
    SHA1: 87eac11f16444f38adf19c8b68087a001bf3704a
    SHA256: 1ec0ae08cd89e542cb32e1ff6206b2d033a4513630f3e00751cc41e57a061a45
    SHA512: d9f7c06db0a100601d8f81dcdf1f052f6444956c45a2de660847d413abc4e383137e5ca21b9bf79aba106d1451366abd0814d96b7f80189e9f38849fdcd4dec6
    SSDEEP: 1536:vwMJ+mc09Bm36GOr3GitlGjftiwbj9su8WXF+u8+J3hBTN2aSy69ju4UmEM/g:Ikx9Bm365GitEQwbJsdb+J3tn69jxU3
    Score: 3/10

  • Target: mysearch.exe
    Size: 312KB
    MD5: 49f799c24707ba2933989f2447f732f7
    SHA1: d3fbc5ce62a374b4519419ceddade4c6277f8c0d
    SHA256: b2a164564f7882cced37eb1b712254ed13b07aa91b2b351946176f15192e1cce
    SHA512: 710de1d58b7fa68e1cddd902faa7272b933558523d20abab89958f6c13fb4a0ea66439a3058d9de8fd31304c5316c4a6b8dfc196900abbb13ef36ddac08b6288
    SSDEEP: 6144:3+bkpRwTJ5e6T9DdqbPaPowUxJMX6vnNcB1ZiRoKRU:7Ue6TiaUNnW1wRl2

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plug-ins for Internet Explorer.
