Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

upgrade.exe

windows7-x64

7

upgrade.exe

windows10-2004-x64

7

$0/barquery.dll

windows7-x64

3

$0/barquery.dll

windows10-2004-x64

3

$0/barquery.exe

windows7-x64

1

$0/barquery.exe

windows10-2004-x64

3

$0/uninstall.exe

windows7-x64

7

$0/uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9fd6173d31bbfa7965c4a8fc09dc2b17_JaffaCakes118

  • Size

    646KB

  • Sample

    240816-zdw1wswakg

  • MD5

    9fd6173d31bbfa7965c4a8fc09dc2b17

  • SHA1

    9068eceb4b69c39eb265dfec429f06719f554a82

  • SHA256

    da0e41d416669558afdd0fb93b2e0949ca15a8cf887202ed1fe2bb879fd737fa

  • SHA512

    6f0f47323b4faf202b7cc9aeec795203ca903f4170e5daa04bc0c457d6a63f603fd2bc919f4f5302d604d480fbce773b6a1b9dda73cf4153d26809e376b6b4c1

  • SSDEEP

    12288:c6B/LUjD1H4oL4DiBe30UtXJ5lnqpr4zGrWbHO55tsnJIqw:FBjUj5H4oMD30AXJTnygGrWbQidw

Score
7/10
discovery

Malware Config

Targets

    • Target

      upgrade.exe

    • Size

      655KB

    • MD5

      819303c7e63bc7c2eb24597405598489

    • SHA1

      30d886c99b2bc788e6f8c5269972516707889a63

    • SHA256

      1d3ec1f724cfb73b3013cbfc2f9822ce45a3ab2fa7fc6ad36aa432969f7ba350

    • SHA512

      57bae4c2ff48a490dc17922416cbe8cff48363a25cfabd142cfe7367f4e14d7a77ffb8be866d3c49e902cacbc17365aa035ce47e12cdeeffcea4d9f2fc723eef

    • SSDEEP

      12288:Q6f/WUjD7H4vLeDAZJ30gtXb5lnqpr4iGrWnHR5itsiJba:Jf+UjHH4vCD80EXbTnyTGrWnaNA

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

    • Target

      $0/barquery.dll

    • Size

      588KB

    • MD5

      ba4afdfa3b2cad896327213f409b0d03

    • SHA1

      261c751065b2df4f7d89b339b0de04955f0f8486

    • SHA256

      ed029f38b112ef92b882195087c03820dd7e3c68d6afe3b1bff7a6a767951243

    • SHA512

      9a668ff61bcaff5892eacacb91f26a179cda75d219fc4e5123b72ca9e6f8ab1c81ec9cd6b4269e68cd4d461f141c8426528d2702bad929ef92e3f356ce2f653f

    • SSDEEP

      12288:5DAsVbvYmn4R0n5r4nDa72duuAArvHFi5Bc5vDJ:xAsV7UG50jux84KJ

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $0/barquery.exe

    • Size

      64KB

    • MD5

      500b81e0cdbe8c0d434f45962a621299

    • SHA1

      9866fa0433a42f5d3e97eab588d913f3490f875c

    • SHA256

      434bb35b4b0c24ab21ff5666201ed60cc0f76c7fad9e58c61ca953f8593d3115

    • SHA512

      a6faa90766c653eede8f4177b8b5fc4f6c4349cbb92fc0ddf7065cb925b26d6afe29f0cadb66d3b5e0443a53bbd4fd0043c0fb49f737e6c2b5ac7cdee0dc4166

    • SSDEEP

      1536:nD7cuzrkurF5Ve2D8C4WE9qkPMmLBYcDl1SJ:nDgHGF5VFFqqkPXfDl2

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      $0/uninstall.exe

    • Size

      82KB

    • MD5

      66ca9b50a89726e4bc5d2f00ceb0e27f

    • SHA1

      8e0a04d571df697d2af94070111f3c93185ce78d

    • SHA256

      d7d0c63a6588746c822026e52cf1d0d47369c6ded8169a8c3e5548f017df2a6f

    • SHA512

      5274107a75072c76bdb05b05a1e78663acc4918610b56d74ec023e74e46d04a65d418e4a51167a7afe471e2a37ccf5dcd969d8c4e84c6bbf5481d57e77ebce2d

    • SSDEEP

      1536:YEkjY1zy214Qay0DGkJ7qAELVigJ0cpolwUMH55Lo42/D1W:XkjAJ4dDGkJ+AI0wwwUMH59oP/M

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral7behavioral8

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      13KB

    • MD5

      d765c492c21689e3d9d61634371fd861

    • SHA1

      ac200933671ae52c9d5544d0e2e8e9144d286c83

    • SHA256

      551e6042dd494ea01549555ffc194ab9729da09058ec714eb368dd06642c9bbc

    • SHA512

      9919a9e848c8f1e26c75d0d29207571e4b86a4140bd554743d2c1f8bd7f386fe4919345b163d89a5d907fb165e435ba0ac5f6b1101713636141f156a420e2e0f

    • SSDEEP

      192:9B6RvrfvOuJQDghBy/X7QKq3TLGciZJf0EzWzMnz6WoF1dBs:v6RrviWaX7eiZJ7nz6bB

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/System.dll

    • Size

      10KB

    • MD5

      fe24766ba314f620d57d0cf7339103c0

    • SHA1

      8641545f03f03ff07485d6ec4d7b41cbb898c269

    • SHA256

      802ef71440f662f456bed6283a5ff78066af016897fe6bfd29cac6edc2967bbd

    • SHA512

      60d36959895cebf29c4e7713e6d414980139c7aa4ed1c8c96fefb672c1263af0ce909fb409534355895649c0e8056635112efb0da2ba05694446aec2ca77e2e3

    • SSDEEP

      192:rO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1aMBgMO:yKAFERdlxhGRYUzqZaMB

    Score
    3/10
    discovery
    behavioral11behavioral12

MITRE ATT&CK Enterprise v15

Tasks