General

  • Target

    bab036d726ad17f96834ef013ca17e72_JaffaCakes118

  • Size

    489KB

  • Sample

    240823-g4ycja1hpm

  • MD5

    bab036d726ad17f96834ef013ca17e72

  • SHA1

    0260fb023dcd0f3e130f565a91f4e2797445ebfb

  • SHA256

    f46fd0445aeee43ef552d528451a3365f2b7612d41d82f78cdc828f00abb41c3

  • SHA512

    3cc507eed4971bd77fb9948f0e696fc305663785cbf946eec4d41da287200c367b0daffa9cb831213c6f2c64896ba5bc540430c56c01210c7a72dc2641372965

  • SSDEEP

    12288:7J5FuStgA2yNKscRyfvPqBrdPBol/3pwDxmk2S0mms:7JbuAl2rfRmPqrFBU/3p2m+0mX

Score
7/10

Malware Config

Targets

    • Target

      凌云快速打开文件夹/凌云快速打开文件夹.exe

    • Size

      666KB

    • MD5

      581278f73ab9cd8bdf4fe744565594f7

    • SHA1

      3536333b9b1faced388f94eb464016c1b830ace3

    • SHA256

      303e3769ebe3be98b348a94abe4029e63bc3b1fe8403e976d7e29713c077bce0

    • SHA512

      41d1ce9f2b46e53ca1cff8fc3f866b6c8dd9ced4ffc9e128756a52691347c6f612ac53bf21c8d727e55f7663a6ca7db7b29461edbd6686f8170b8536e5bddd8e

    • SSDEEP

      12288:96muKY625YZJmZCYxD4y5zQMqKQIQaBD+LPVfm8u0yGrUcse9T1lkLIlvg:REP5Ym4YxMg7qzVuT0ykv

    Score
    3/10
    • Target

      凌云快速打开文件夹/新云软件.url

    • Size

      133B

    • MD5

      4f0017b3b346bd0626f0c3b915e6e734

    • SHA1

      823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92

    • SHA256

      df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678

    • SHA512

      0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6

    Score
    1/10
    • Target

      凌云快速打开文件夹/程序快捷方式总集/Foxmail.lnk

    • Size

      599B

    • MD5

      d9a2616b7721f8a86998a4e0ed623dfa

    • SHA1

      5be9fab3f19827d9a691a7bb24e12855906ae6ad

    • SHA256

      ef0afa52cfdeb646b0a63b9221b0b6ab18460ede9d46156a0ed952ad54a2a9c0

    • SHA512

      164219da95e15e5efee75f99580874073c553037b84c26124e797bb49b3c7440fa80e7cf5ccb4b646ac5a6803b6e35a1a94973c8a2c8a6f42d3e93c4ba9edf95

    Score
    6/10
    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      凌云快速打开文件夹/程序快捷方式总集/explorer.lnk

    • Size

      474B

    • MD5

      59e28374b3576eb60e54a682974bd2f2

    • SHA1

      79211ad9d5552a1b12e035d0242919df5eb4a72c

    • SHA256

      a0b2cceb567ca5b926c14328c9742921b1149525d0994708900b70f25aaa7675

    • SHA512

      f8b150ce64849574432904320ba4359a3bce12842fcd572402e9ba09afe9e811864768b8b5ab699a0d1af622da27cb490ad943f46dcf7f4e67dc83b5d57b52c9

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      凌云快速打开文件夹/程序快捷方式总集/system32.lnk

    • Size

      436B

    • MD5

      533e72d537a713f73f491a7de8b709bb

    • SHA1

      9ec26af6d427bf676140a93769a6a626edba444d

    • SHA256

      1628d5f59909146bb9a0181a52a80939f8d5fc8692c8df4e30e816d80a280158

    • SHA512

      d7cf3e01384d0115a787f3bec17d49b027eee41f52991d656cf1baf8cf4ae7ee89d60d17c5eb6b08c98ea61dad7293e3c070bec81e2fb889effe4be47323e597

    Score
    3/10
    • Target

      凌云快速打开文件夹/程序快捷方式总集/winxp (C).lnk

    • Size

      298B

    • MD5

      6bdcef53a3939b87be3749b6872fecf5

    • SHA1

      f40d34b5556ece786988e9d49ed4ab79449093fd

    • SHA256

      9b996b98aa7934901d6b3c7e28fa91ed0d470b598f09543cf495b9f347571af2

    • SHA512

      c5bede380e628b9fe5dbcc52e87a3e3286ca976d55e6b2aa0d6191dbf6ab79a31d8a0682f27645b0c54124f44385260d44cc8fd0637b86a34a7764ed008a193f

    Score
    3/10
    • Target

      凌云快速打开文件夹/程序快捷方式总集/可自由添加删除.lnk

    • Size

      693B

    • MD5

      d4854820c6133943c40255c6b9accbfd

    • SHA1

      865dbd0ac30244674a7ca255510d6f5c35af3d4c

    • SHA256

      4ad2b244dbbfefa9f7faae908a92a970216e1e8aacd034fc3391e37d58a62112

    • SHA512

      33eb1f90697834e33610ee2a037f2e5628d840a4a04872267b22b2242abad5cb237ab61deb4f9a6528c3b98222793f6fde36ce1719a460b39e15e2618abb2e32

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      凌云快速打开文件夹/程序快捷方式总集/注册表编辑.lnk

    • Size

      469B

    • MD5

      3be3cf3d61d056690ab7c447418b1a94

    • SHA1

      722a5baa8c3a98052d9bd1f609699caefffe8127

    • SHA256

      7bfef0406212055c31a26d6f5b02659fc224f7f85ff98efe5906e67ed13a5b48

    • SHA512

      fc921aacd27076164575b798e0b1f98e2a2e7bc266019b51b7499a7f147c30ae06286ca391d70a0f0b6e47f89044f7489feaa121d22331c8179c3cbefe746a96

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      凌云快速打开文件夹/程序快捷方式总集/系统配置实用程序.lnk

    • Size

      1KB

    • MD5

      b439fc703fcef251acef74370ab3d65c

    • SHA1

      bdee95e0c6a9ec6cf7422fa7b0fe071e8294a6e0

    • SHA256

      53a9547cb51d609ed6ff430f7d9c557069e9e17e29c3795da0f860feb4911fe0

    • SHA512

      d89b23b6cf3783eb921db91d467b45513442ff2d3ae43237276f117af72514608427b2590523cc2e4beb16a2c4c0417daacec6cd8dc0e5683ac3b9e8796c7ad9

    Score
    3/10
    • Target

      凌云快速打开文件夹/程序快捷方式总集/系统配置编辑器.lnk

    • Size

      560B

    • MD5

      a4b28c50ba271ff574464cd18a1e0ec3

    • SHA1

      8445e50a20a12637b8a6b86969c83bddcb910d05

    • SHA256

      dd2311700631087548f2188d2e3ec03cc4fb634cf50d3313962a149417e0fc2b

    • SHA512

      d5f71122a24dd70b7de15269c1b1d764b67c8b9f192123efcbba74b21ab956ca290fb3b03117700986659b05146659d245661d70f3b3c6bd8c5b7ff9b2f82cbd

    Score
    3/10
    • Target

      凌云快速打开文件夹/程序快捷方式总集/组策略.lnk

    • Size

      557B

    • MD5

      d25da440bdc01bda79c116d3dc60d047

    • SHA1

      488a9080d24eed071b49823f52afb6b49c006b5b

    • SHA256

      145f6f7c6f545844b6a27fef0bfbda29ef5a985d66a4619fc48a9f0d23fd2fd9

    • SHA512

      5ad42f6870503eab31bf786aba5cb28aea60e76183ed744e61cb6697db1e53f293f24b2200c63db17e251d5117be99764cf67946142a354a5fac4a7980a7f259

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    • Target

      凌云快速打开文件夹/程序快捷方式总集/记事本.lnk

    • Size

      469B

    • MD5

      ae0fc5263bd6bbf58fa19de1826ba8be

    • SHA1

      3eca07e6b99165aad2a2057f8fe565c4e0746af4

    • SHA256

      741cbdba01dc8ebb83ad4196ba3ae9ed4fad422de85e43318962ce324f453a3c

    • SHA512

      a504cd0433301d806d505485b55a49421253763314c2d0b5d4a1b13f98a53bcc024e1fc337150781c222a8c0c397ce49b10bcd31d86cebe4a05cae020d9eac24

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      凌云快速打开文件夹/软件发布之最佳伴侣_用户反馈表/软件发布之最佳伴侣_用户反馈表.exe

    • Size

      747KB

    • MD5

      9b975fd89aa154ba79c3506209ea0c07

    • SHA1

      b76cd99c32e4a6a175bfa99374530c59c43d763d

    • SHA256

      2b0509891598d393cd9f842a230e6a7c100f9a96764790b11e857df3c49cea57

    • SHA512

      07cdc0edbbc59f445467f6a17511c77dac297e8c28ee8b2eb322e945999c3289235a38795d1fa4ec4324ca198e1c8fc85d478a652e6cf0cb6e4d50e640f5e0f1

    • SSDEEP

      12288:SZUttKeyEWCTWTapyH1JdvfjFPXPtznKn5kA3tuLVmAeAqdnd:GKUFEWCTNpOHvfjFPP98R9GVzeAqdnd

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks