Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
7Static
static
3hdl4.exe
windows7-x64
7hdl4.exe
windows10-2004-x64
7$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3nogba.exe
windows7-x64
3nogba.exe
windows10-2004-x64
3uninst.exe
windows7-x64
7uninst.exe
windows10-2004-x64
7新云软件.url
windows7-x64
1新云软件.url
windows10-2004-x64
1General
-
Target
b0bbc072d7e74137cdbc65ed78f615d9_JaffaCakes118
-
Size
13.1MB
-
Sample
240820-zce1zswbnp
-
MD5
b0bbc072d7e74137cdbc65ed78f615d9
-
SHA1
ea5431ba0dd12d8877f18db8637e06d108496826
-
SHA256
36ad3ad56de732f194a3058134741e4631c120aef9fca3bbf61ead6f71aeeecc
-
SHA512
6d5c7c6f16329d53865a022c160842dd3b9bbf87e337494daa55cceaaff08a6a85462f5238f3c1eeaba568a4515b1e4a67256b2dff1b17579f4fc71bb6b9d33b
-
SSDEEP
393216:99n2bLedzsm7KZQ1jjnfBOl17kqbqnFpQMnfC:5dzscKGpf0YqiM+a
Static task
static1
Behavioral task
behavioral1
Sample
hdl4.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
hdl4.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240708-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
nogba.exe
Resource
win7-20240729-en
Behavioral task
behavioral6
Sample
nogba.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
uninst.exe
Resource
win7-20240704-en
Behavioral task
behavioral8
Sample
uninst.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
新云软件.url
Resource
win7-20240704-en
Behavioral task
behavioral10
Sample
新云软件.url
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
hdl4.exe
-
Size
13.1MB
-
MD5
0bd063d06a88ca56f62f22bbc18d66ed
-
SHA1
661537aeec088c83b5ffbc8e20e91ab255a001e6
-
SHA256
2473dfff0111720681894ac22b6fe9a5130d81f914a252e1f804e5ed635dbf62
-
SHA512
c2359ba4703152eaa7faa57f8fb72c752c459737659ed69235078409503d87bea8bce9520a1ebeaf93bf2929c1897c44fbe644cade063965c5a1d6ce173a4810
-
SSDEEP
393216:MKrKWA55tmIwOPdhKQqPtGWnXyncuCw4O7LKmn:MiKWYoIJd/qPcWX8cuCwSY
Score7/10-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
14KB
-
MD5
107737e3282fefd85684f2fa3df6d1c3
-
SHA1
3befbcae116a644ae28cebdc1d7dfe6be5c8ca5f
-
SHA256
21042be362d4073053bffcc90511b3ecf77902243525b56bb159581b5ece43a0
-
SHA512
439ac2f3066902e08d63dc3061f55063089857e765feb29fe47ba5819a9bebdff3fe2fe55fc8bfcfddb729d340f006ee95b5aa4422d712f9dcc07cc02ec410b4
-
SSDEEP
192:FTmFxiXTQdQbg9FkGuz9lBDpO5DwbgUojcA96lK72dwF7dBG0N1:FTmriEdYQFkGUlI6vojj6l+BGE
Score3/10 -
-
-
Target
nogba.EXE
-
Size
587KB
-
MD5
7a59511e200b3eefc2314e2b4dc3da54
-
SHA1
173958ef5aab83197d9fff9472ce9d8b058f6427
-
SHA256
dcff6474d1df650092c3f1af91df3b092a06d33adeaf6d7c0787862ec944f917
-
SHA512
c601820b8317005ce958c711aa1d8e8379711f21c7ca673f4a51b63a653c889eabb96a291f0849beb055242a093464513695424539ea068c3d16477d5299a200
-
SSDEEP
6144:lTWkUUJ9izBIrXkOwNQ7jDWHztCOf4rjPZkPDmbUQLS1pogpdcg76q/iNHFN7GR:lTWRUDe4nvbzucgGNF8R
Score3/10 -
-
-
Target
uninst.exe
-
Size
65KB
-
MD5
79555a3d69e66899e98fa5252fba608f
-
SHA1
66a7b470e5f0a0534aa65fd3c724301d4366fef6
-
SHA256
04f4a4ef816a929cc64fa7deaa142fdd02e9b6e89511d7c79c3cf9d382647a7a
-
SHA512
61bee7a7847f1b94f349d5fa8bb6b994aa0c0ef10c8bd8b6ffeb0ead2a94a1b39e0f8c957a20d4713a49e937835a184001312e60e907bdd7b05b40645b748800
-
SSDEEP
1536:sppal05FyuC/jL052PgFEla4ZJJcC2gBZZZ3gxLSAOMbfj:sp8l05FyX0mpa4ZJJcrswSApf
Score7/10-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
新云软件.url
-
Size
133B
-
MD5
4f0017b3b346bd0626f0c3b915e6e734
-
SHA1
823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
-
SHA256
df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
-
SHA512
0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score1/10 -