Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
7Static
static
3upgrade.exe
windows7-x64
7upgrade.exe
windows10-2004-x64
7$0/barquery.dll
windows7-x64
3$0/barquery.dll
windows10-2004-x64
3$0/barquery.exe
windows7-x64
1$0/barquery.exe
windows10-2004-x64
3$0/uninstall.exe
windows7-x64
7$0/uninstall.exe
windows10-2004-x64
7$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3General
-
Target
9fd6173d31bbfa7965c4a8fc09dc2b17_JaffaCakes118
-
Size
646KB
-
Sample
240816-zdw1wswakg
-
MD5
9fd6173d31bbfa7965c4a8fc09dc2b17
-
SHA1
9068eceb4b69c39eb265dfec429f06719f554a82
-
SHA256
da0e41d416669558afdd0fb93b2e0949ca15a8cf887202ed1fe2bb879fd737fa
-
SHA512
6f0f47323b4faf202b7cc9aeec795203ca903f4170e5daa04bc0c457d6a63f603fd2bc919f4f5302d604d480fbce773b6a1b9dda73cf4153d26809e376b6b4c1
-
SSDEEP
12288:c6B/LUjD1H4oL4DiBe30UtXJ5lnqpr4zGrWbHO55tsnJIqw:FBjUj5H4oMD30AXJTnygGrWbQidw
Static task
static1
Behavioral task
behavioral1
Sample
upgrade.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
upgrade.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
$0/barquery.dll
Resource
win7-20240708-en
Behavioral task
behavioral4
Sample
$0/barquery.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
$0/barquery.exe
Resource
win7-20240708-en
Behavioral task
behavioral6
Sample
$0/barquery.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
$0/uninstall.exe
Resource
win7-20240704-en
Behavioral task
behavioral8
Sample
$0/uninstall.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240708-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240704-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
upgrade.exe
-
Size
655KB
-
MD5
819303c7e63bc7c2eb24597405598489
-
SHA1
30d886c99b2bc788e6f8c5269972516707889a63
-
SHA256
1d3ec1f724cfb73b3013cbfc2f9822ce45a3ab2fa7fc6ad36aa432969f7ba350
-
SHA512
57bae4c2ff48a490dc17922416cbe8cff48363a25cfabd142cfe7367f4e14d7a77ffb8be866d3c49e902cacbc17365aa035ce47e12cdeeffcea4d9f2fc723eef
-
SSDEEP
12288:Q6f/WUjD7H4vLeDAZJ30gtXb5lnqpr4iGrWnHR5itsiJba:Jf+UjHH4vCD80EXbTnyTGrWnaNA
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
-
-
Target
$0/barquery.dll
-
Size
588KB
-
MD5
ba4afdfa3b2cad896327213f409b0d03
-
SHA1
261c751065b2df4f7d89b339b0de04955f0f8486
-
SHA256
ed029f38b112ef92b882195087c03820dd7e3c68d6afe3b1bff7a6a767951243
-
SHA512
9a668ff61bcaff5892eacacb91f26a179cda75d219fc4e5123b72ca9e6f8ab1c81ec9cd6b4269e68cd4d461f141c8426528d2702bad929ef92e3f356ce2f653f
-
SSDEEP
12288:5DAsVbvYmn4R0n5r4nDa72duuAArvHFi5Bc5vDJ:xAsV7UG50jux84KJ
Score3/10 -
-
-
Target
$0/barquery.exe
-
Size
64KB
-
MD5
500b81e0cdbe8c0d434f45962a621299
-
SHA1
9866fa0433a42f5d3e97eab588d913f3490f875c
-
SHA256
434bb35b4b0c24ab21ff5666201ed60cc0f76c7fad9e58c61ca953f8593d3115
-
SHA512
a6faa90766c653eede8f4177b8b5fc4f6c4349cbb92fc0ddf7065cb925b26d6afe29f0cadb66d3b5e0443a53bbd4fd0043c0fb49f737e6c2b5ac7cdee0dc4166
-
SSDEEP
1536:nD7cuzrkurF5Ve2D8C4WE9qkPMmLBYcDl1SJ:nDgHGF5VFFqqkPXfDl2
Score3/10 -
-
-
Target
$0/uninstall.exe
-
Size
82KB
-
MD5
66ca9b50a89726e4bc5d2f00ceb0e27f
-
SHA1
8e0a04d571df697d2af94070111f3c93185ce78d
-
SHA256
d7d0c63a6588746c822026e52cf1d0d47369c6ded8169a8c3e5548f017df2a6f
-
SHA512
5274107a75072c76bdb05b05a1e78663acc4918610b56d74ec023e74e46d04a65d418e4a51167a7afe471e2a37ccf5dcd969d8c4e84c6bbf5481d57e77ebce2d
-
SSDEEP
1536:YEkjY1zy214Qay0DGkJ7qAELVigJ0cpolwUMH55Lo42/D1W:XkjAJ4dDGkJ+AI0wwwUMH59oP/M
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
13KB
-
MD5
d765c492c21689e3d9d61634371fd861
-
SHA1
ac200933671ae52c9d5544d0e2e8e9144d286c83
-
SHA256
551e6042dd494ea01549555ffc194ab9729da09058ec714eb368dd06642c9bbc
-
SHA512
9919a9e848c8f1e26c75d0d29207571e4b86a4140bd554743d2c1f8bd7f386fe4919345b163d89a5d907fb165e435ba0ac5f6b1101713636141f156a420e2e0f
-
SSDEEP
192:9B6RvrfvOuJQDghBy/X7QKq3TLGciZJf0EzWzMnz6WoF1dBs:v6RrviWaX7eiZJ7nz6bB
Score3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
10KB
-
MD5
fe24766ba314f620d57d0cf7339103c0
-
SHA1
8641545f03f03ff07485d6ec4d7b41cbb898c269
-
SHA256
802ef71440f662f456bed6283a5ff78066af016897fe6bfd29cac6edc2967bbd
-
SHA512
60d36959895cebf29c4e7713e6d414980139c7aa4ed1c8c96fefb672c1263af0ce909fb409534355895649c0e8056635112efb0da2ba05694446aec2ca77e2e3
-
SSDEEP
192:rO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1aMBgMO:yKAFERdlxhGRYUzqZaMB
Score3/10 -