Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

hdl4.exe

windows7-x64

7

hdl4.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

nogba.exe

windows7-x64

3

nogba.exe

windows10-2004-x64

3

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b0bbc072d7e74137cdbc65ed78f615d9_JaffaCakes118

  • Size

    13.1MB

  • Sample

    240820-zce1zswbnp

  • MD5

    b0bbc072d7e74137cdbc65ed78f615d9

  • SHA1

    ea5431ba0dd12d8877f18db8637e06d108496826

  • SHA256

    36ad3ad56de732f194a3058134741e4631c120aef9fca3bbf61ead6f71aeeecc

  • SHA512

    6d5c7c6f16329d53865a022c160842dd3b9bbf87e337494daa55cceaaff08a6a85462f5238f3c1eeaba568a4515b1e4a67256b2dff1b17579f4fc71bb6b9d33b

  • SSDEEP

    393216:99n2bLedzsm7KZQ1jjnfBOl17kqbqnFpQMnfC:5dzscKGpf0YqiM+a

Score
7/10
discovery

Malware Config

Targets

    • Target

      hdl4.exe

    • Size

      13.1MB

    • MD5

      0bd063d06a88ca56f62f22bbc18d66ed

    • SHA1

      661537aeec088c83b5ffbc8e20e91ab255a001e6

    • SHA256

      2473dfff0111720681894ac22b6fe9a5130d81f914a252e1f804e5ed635dbf62

    • SHA512

      c2359ba4703152eaa7faa57f8fb72c752c459737659ed69235078409503d87bea8bce9520a1ebeaf93bf2929c1897c44fbe644cade063965c5a1d6ce173a4810

    • SSDEEP

      393216:MKrKWA55tmIwOPdhKQqPtGWnXyncuCw4O7LKmn:MiKWYoIJd/qPcWX8cuCwSY

    Score
    7/10
    discovery

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      107737e3282fefd85684f2fa3df6d1c3

    • SHA1

      3befbcae116a644ae28cebdc1d7dfe6be5c8ca5f

    • SHA256

      21042be362d4073053bffcc90511b3ecf77902243525b56bb159581b5ece43a0

    • SHA512

      439ac2f3066902e08d63dc3061f55063089857e765feb29fe47ba5819a9bebdff3fe2fe55fc8bfcfddb729d340f006ee95b5aa4422d712f9dcc07cc02ec410b4

    • SSDEEP

      192:FTmFxiXTQdQbg9FkGuz9lBDpO5DwbgUojcA96lK72dwF7dBG0N1:FTmriEdYQFkGUlI6vojj6l+BGE

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      nogba.EXE

    • Size

      587KB

    • MD5

      7a59511e200b3eefc2314e2b4dc3da54

    • SHA1

      173958ef5aab83197d9fff9472ce9d8b058f6427

    • SHA256

      dcff6474d1df650092c3f1af91df3b092a06d33adeaf6d7c0787862ec944f917

    • SHA512

      c601820b8317005ce958c711aa1d8e8379711f21c7ca673f4a51b63a653c889eabb96a291f0849beb055242a093464513695424539ea068c3d16477d5299a200

    • SSDEEP

      6144:lTWkUUJ9izBIrXkOwNQ7jDWHztCOf4rjPZkPDmbUQLS1pogpdcg76q/iNHFN7GR:lTWRUDe4nvbzucgGNF8R

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      uninst.exe

    • Size

      65KB

    • MD5

      79555a3d69e66899e98fa5252fba608f

    • SHA1

      66a7b470e5f0a0534aa65fd3c724301d4366fef6

    • SHA256

      04f4a4ef816a929cc64fa7deaa142fdd02e9b6e89511d7c79c3cf9d382647a7a

    • SHA512

      61bee7a7847f1b94f349d5fa8bb6b994aa0c0ef10c8bd8b6ffeb0ead2a94a1b39e0f8c957a20d4713a49e937835a184001312e60e907bdd7b05b40645b748800

    • SSDEEP

      1536:sppal05FyuC/jL052PgFEla4ZJJcC2gBZZZ3gxLSAOMbfj:sp8l05FyX0mpa4ZJJcrswSApf

    Score
    7/10
    discovery

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral7behavioral8

    • Target

      新云软件.url

    • Size

      133B

    • MD5

      4f0017b3b346bd0626f0c3b915e6e734

    • SHA1

      823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92

    • SHA256

      df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678

    • SHA512

      0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6

    Score
    1/10
    behavioral10behavioral9

MITRE ATT&CK Enterprise v15

Tasks