Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

uninstall.exe

windows7-x64

3

uninstall.exe

windows10-2004-x64

3

winpnp.dll

windows7-x64

6

winpnp.dll

windows10-2004-x64

6

winpnps.exe

windows7-x64

6

winpnps.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b60fd24ad8026320b338639d67433c7c_JaffaCakes118

  • Size

    1.4MB

  • Sample

    240822-c9vrdaycpl

  • MD5

    b60fd24ad8026320b338639d67433c7c

  • SHA1

    b26e4f6aa244c30156c7bc49c8f35bb145d18697

  • SHA256

    e70597952789aaa8793596997eee999046c3dc705e52b9935b7f643f6c8038ef

  • SHA512

    eb0e96cfa546147d48c4d2d2f87abbdad1e211f74d4745f0c6caa49cb48e04b8e6a50c6d3979f8483a02aaf7ad5cbd0f2e23a833b2efd1d311d2af15626832db

  • SSDEEP

    24576:ratYpgyN1zojANrdozmE+ZTgRuprUwYkDgvYDAF2HKT3YQJbF9jPMlDtHhNGE0Iy:rzgy/cANximEsgwpow7NDAF6KTowjklg

Score
7/10
adwarediscoverypersistencestealer

Malware Config

Targets

    • Target

      uninstall.exe

    • Size

      895KB

    • MD5

      a13d12c11cdbd13b2c0b22ad9d6e3ed1

    • SHA1

      c5c6506d40c2e475ac8b58f10ef855c498611963

    • SHA256

      8cd619e0fe6b87676d3dd45b26984b2dcf1a9d7a0a8c1bb4645d37c40825d97b

    • SHA512

      fbca99b6c80ea411cfc6f5fef9718bd42a5a0a158f500c9fa09d895f48bfcf5842d1d6525cf6395328b17f50d94ffa0ee2391374abad50cbbf9965073c131a2e

    • SSDEEP

      12288:8xZ8zFh789GLcnNrQQsnypjJykby8ZCR9emRjuBXjAH6zdDyNhRtgkfyCbw9Q:UuyGUrwybbnQX9toje6UHqCbw

    Score
    3/10
    discovery
    behavioral1behavioral2

    • Target

      winpnp.dll

    • Size

      893KB

    • MD5

      bdbe99254afa47224f49e3db59faaae2

    • SHA1

      19e4aae4ad4cd5c7e4ceafa49557747c5b148ab0

    • SHA256

      b017009fd4533fc82b1c2ee4601a8f78b7043b9f38122f89161d61f3dc19823c

    • SHA512

      ee5d152e211ef79c1ab714624b9c162eb62b36fcbc91285df60055d74943a529d76eab4168542ecb72b293be824a64438a1ff0f5aa3d6b87c9858ed0016c2097

    • SSDEEP

      12288:HJRmqKSL3zRdnujhwpG7TqhoH5fc2oXwAezy+vI6HzrUOYt1SHk7YSxAgpELW2D:pcqKMmEG7Os5fAXwAeO+vIi2JvAgWW

    Score
    6/10
    adwarediscoverystealer

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral3behavioral4

    • Target

      winpnps.exe

    • Size

      1.3MB

    • MD5

      8c99d9e3eb8e1510d45fdf2b3614938d

    • SHA1

      bb251b639e30e030365a76037b6b078498d3e8f8

    • SHA256

      5319983d18df4e4d4d619e277833fb53f8581beb5bff0c7345c87390a3a96cbd

    • SHA512

      e80ecfb48eb6a2ec50419e6a404ebd856b593b09fd5dac7098ca218dc7fdc85fae040ca76a4f8dd9911a525e58e03edf62267d41ddf9a82d4a30c549d2125afd

    • SSDEEP

      24576:MfhUapfoyj35K+r6MmgJcgoCS1CmmwFniM9:MfCK3grMJHoC49

    Score
    7/10
    adwarediscoverypersistencestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

      persistence

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks