Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Cheat-Master.ru.exe

windows7-x64

3

Cheat-Master.ru.exe

windows10-2004-x64

3

mod_sa for...g).exe

windows7-x64

7

mod_sa for...g).exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...od.dll

windows7-x64

3

$PLUGINSDI...od.dll

windows10-2004-x64

3

$PLUGINSDI...rl.dll

windows7-x64

3

$PLUGINSDI...rl.dll

windows10-2004-x64

3

$PLUGINSDI...og.dll

windows7-x64

3

$PLUGINSDI...og.dll

windows10-2004-x64

3

$PLUGINSDI...up.exe

windows7-x64

7

$PLUGINSDI...up.exe

windows10-2004-x64

7

Uninstall_...CM.exe

windows7-x64

7

Uninstall_...CM.exe

windows10-2004-x64

7

d3d9.dll

windows7-x64

3

d3d9.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bf136e87c053a75114b20692bc31a23b_JaffaCakes118

  • Size

    714KB

  • Sample

    240824-vrkgsssdlm

  • MD5

    bf136e87c053a75114b20692bc31a23b

  • SHA1

    1d10c8362d31029f150bcd7b9faf98d147e256c9

  • SHA256

    f57c1ea32aeca71a26d25590f275de29d3c3072869da02111a76035307c30bb6

  • SHA512

    041e3251ea284b3af4dcba2b1d6c956976b9d72165a38e04eb7588351c274c75f40bb6b768466199e64024f3a5a50a9fed3037a89c3a08ff2fa38f1dd5c50d92

  • SSDEEP

    12288:m+CYPwWK1Vi6QtaMEsu5/BU4dGWslfl9r6SwdMzEAdhxYTDD1+jiXBhpVer+eU:mYenigMEP55UNWqN9+ZRAdhxYwMHertU

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      Cheat-Master.ru.exe

    • Size

      10KB

    • MD5

      70db36c32dd7b2084d0290646d9ebd96

    • SHA1

      f60f984ec6d588cf9183f5db8075fcd92671e31f

    • SHA256

      330a948e2b0018cfad48f829791b9d6b496a708960b91cccf7328f2eef354213

    • SHA512

      ae5a742f2189781ee63ba49a748dd952405eaf4896827b1975297f42674affac1804c3c32678f335a1ef0fbe682af7f2178bb78ee1b24a4e1e1d5846540bcaa2

    • SSDEEP

      96:jmeKz3/drDHMZ7h+YeZBxJJSI+UqOX+0ki9+3jtyLzJeCa8KC7tCH4VN:jm3+Z7h+YeVJJRhqOXKqGj8LzupIN

    Score
    3/10
    discovery
    behavioral1behavioral2

    • Target

      mod_sa for CM.v4.3.1.3.SA-MP.v0.3e.Setup(eng).exe

    • Size

      729KB

    • MD5

      19b0377c359dc2ca1cb1f81465a72585

    • SHA1

      8bf20592025291567b35700d29578da6a3734439

    • SHA256

      6244a72779d2c3619b95292a881837876288697b64c7bcd0571acdde28d153b2

    • SHA512

      9f9890b6053d1eaabefbc2af39ec19b3802d1178459442d9b5104410ce5375a613aee112c08b1e3ca0b342a28226be5c067215eaca0b44c5aecb1692fed1c7f3

    • SSDEEP

      12288:er/6zp1WktZNeCjEkn65ZzxT4AJa44/lseFlKZpWyt4Noyqwug2aRA0+fKU1dJpB:mGp1f9ew3uVqAJarHTA5coy7tmPbdJOq

    Score
    7/10
    discovery

    • Loads dropped DLL

    behavioral3behavioral4

    • Target

      $PLUGINSDIR/System.dll

    • Size

      10KB

    • MD5

      4c0c6163b636f627e0d505deda672c90

    • SHA1

      2eae4e6f00673a03ae2434f1b22dc9218e4761a8

    • SHA256

      bea71368433f91e32c597db990089ecb7599879f76a64f7f3446489578b2d5fb

    • SHA512

      e817ad35f0e89ecce9d73add641d9eab95de6c6c30153e594673c8e0243e738a31dfb872cc76a8d51bc513775fc1dabc9adb65019298048539d6c3aa7d33e2ef

    • SSDEEP

      192:MO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1apgMO:9KAFERdlxhGRYUzqZap

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/bassmod.dll

    • Size

      33KB

    • MD5

      e4ec57e8508c5c4040383ebe6d367928

    • SHA1

      b22bcce36d9fdeae8ab7a7ecc0b01c8176648d06

    • SHA256

      8ad9e47693e292f381da42ddc13724a3063040e51c26f4ca8e1f8e2f1ddd547f

    • SHA512

      77d5cf66caf06e192e668fae2b2594e60a498e8e0ccef5b09b9710721a4cdb0c852d00c446fd32c5b5c85e739de2e73cb1f1f6044879fe7d237341bbb6f27822

    • SSDEEP

      768:qQmS5iUgi5czW+DlrQOS1DeDdjgNtbX4O6DHix84H0:qQz5Tgof+DdpS1+djctLSHiZ0

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/brandingurl.dll

    • Size

      3KB

    • MD5

      028857ee4bf29e5379b19027df010071

    • SHA1

      8cba90942b3ea405f70e4ae899bb08f7b58dfe70

    • SHA256

      798ce85390508959953b55d966ee3ad8fae938cb107233876566a5823d339a66

    • SHA512

      e08d91f53039a1ec0c768a873b91901cae3fa7b91f368157c3adca12cb439b627e9d4558b49d747ef7fe6250a51693183ca29422603bf102bee05aa410539b8c

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/dumplog.dll

    • Size

      2KB

    • MD5

      a517578af0baffd5a235d8177a651a5c

    • SHA1

      900040ea61cb705f5529ffe87522640ca220c8fe

    • SHA256

      0dafc86043fc2d263570cd95b778721924bfcbce36744b828961529b779ca4a3

    • SHA512

      afc20fb8dcae46f65f92300cc51ccf0c21d76d2135e3a8beed2fe363a2b10b1525fc042d7e307ba173ad719c23705a5718d4059c834969bcff7a717845e9ae11

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      $PLUGINSDIR/dxwebsetup.exe

    • Size

      285KB

    • MD5

      14ca145edd4f381e1adad6c2ceda5e7a

    • SHA1

      1f785ac7c5da7cc2750de9991cbb2d72b570ab82

    • SHA256

      b68ca13c29b2c9ad899f68fe3f9baff7ecbb848e963604ab5f66bcbf420a26c8

    • SHA512

      58c08005db38c9dee19d9ee02717fc9780fcd61a41e14491c51f7f23782511737ec8235637b797b3f83cef4028aad3edf746ab87e02ca08aac2727cd1ba7788f

    • SSDEEP

      6144:nWK8CN+qHUKfw5R8DPv5N6RkMphh++axWzfAHzxHtUiq4:ngKI5R8DpNakMpWn0zmtUiq4

    Score
    7/10
    discoverypersistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral13behavioral14

    • Target

      Uninstall_mod_sa for CM.exe

    • Size

      46KB

    • MD5

      97387f97fd4a02e7cb5c23d8074a8b89

    • SHA1

      57ea3501a8d424066f465d54ee9868e9ac5caa74

    • SHA256

      49163831f55678fc559f4da178283086eeef32544ce1df3d6b4ec5a24bd9a9cc

    • SHA512

      74bbdcf6dc1ad76471f89592be1ba3bc5146581f77ebff1af9c92c9b29f99f56b50bce3de6a81584af20a08787a4b36036a7b124f825f96b0a57695b57795bc6

    • SSDEEP

      768:7Sup23EQCjlQRB8/ewZ1iU6nyYFxbssT/F/O71mJ5agd2iZQAm6kRRS+NoJRneX0:Wu4EQalMK/ewGnh0mJQgdLeAyNxAb

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral15behavioral16

    • Target

      d3d9.dll

    • Size

      813KB

    • MD5

      75e1d1ad076bbfd59cfe21db9e5c4e86

    • SHA1

      39b7eab7c04ecb0f21f247585c413470e448ad70

    • SHA256

      4cbd3107e09cb3921a3187816d8f3f51b368281fbbd39b87bc35cde4047c804b

    • SHA512

      73626bd00581d34624ad144f20f38a361d2fae0dbf8904ad0ffa675e2f0df8eef026f972e4917209f0cb34a6cc9e368b76d1617ef6bea17bd237fcd60a13cc98

    • SSDEEP

      12288:lBS2P2WOBIBCfqSm40IY3Xb+oW8wnrF+a36bi:+2PeBapk6tW8wnr8jO

    Score
    3/10
    discovery
    behavioral17behavioral18

MITRE ATT&CK Enterprise v15

Tasks