General

  • Target

    c8172e64861bb97e51fc9b5543ba55fe_JaffaCakes118

  • Size

    12.4MB

  • Sample

    240829-c55e1szdnb

  • MD5

    c8172e64861bb97e51fc9b5543ba55fe

  • SHA1

    648cf3e381ac61f8b6bfc8129546f8adfd85af37

  • SHA256

    a6e5a8a215a0dc10694aea0b7f38f48793fec4310df633d9fa91038e29bfe626

  • SHA512

    6204aa4ca50bce92916a8a4825101391a4abf76e5cd8a8eca2cdd4c80bfb461d176711e1878d9c5ab0f13fc509372655925938d7d2d780671c5ed61571f3498d

  • SSDEEP

    196608:YDxyHasJ4mcdeFdLAiqolsWoVsOaJFFUSrNGngbFQ59wb4tiVXNWBRpuR:YFGJ5cdeF+ifyyHPrqgbaTCPWBDuR

Score
7/10

Malware Config

Targets

    • Target

      c8172e64861bb97e51fc9b5543ba55fe_JaffaCakes118

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $PLUGINSDIR/ButtonEvent.dll

    • Size

      4KB

    • MD5

      fad9d09fc0267e8513b8628e767b2604

    • SHA1

      bea76a7621c07b30ed90bedef4d608a5b9e15300

    • SHA256

      5d913c6be9c9e13801acc5d78b11d9f3cd42c1b3b3cad8272eb6e1bfb06730c2

    • SHA512

      b39c5ea8aea0640f5a32a1fc03e8c8382a621c168980b3bc5e2897932878003b2b8ef75b3ad68149c35420d652143e2ef763b6a47d84ec73621017f0273e2805

    Score
    3/10
    • Target

      $PLUGINSDIR/MyNsisExtend.dll

    • Size

      1.0MB

    • MD5

      b62a9aaf2baea2383692fbd2250bf183

    • SHA1

      dfea11abbc7a41979fd8ad4aae9d79f4ca05209a

    • SHA256

      076bf53363146d6704a88b6806f75d69a6cf207a64a76c1fe5cc57ad8ebacce9

    • SHA512

      6d405a891d9291e8d31ccb8bacdaa482bbc97db076c88e6c81d966ee75728bb44d55d2a3ae34611676a2209b9cf6ede786916e4864228ebbfea24de0d0a7307e

    • SSDEEP

      12288:eC9WSn5SoF0y8t2oJS5o4eifqc06wXj47zCmpnQDCj1VpkXt7EaSZ00xI+d55bQ:eCJkRwoKovtCxkXVEDou5bQ

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      883eff06ac96966270731e4e22817e11

    • SHA1

      523c87c98236cbc04430e87ec19b977595092ac8

    • SHA256

      44e5dfd551b38e886214bd6b9c8ee913c4c4d1f085a6575d97c3e892b925da82

    • SHA512

      60333253342476911c84bbc1d9bf8a29f811207787fdd6107dce8d2b6e031669303f28133ffc811971ed7792087fe90fb1faabc0af4e91c298ba51e28109a390

    • SSDEEP

      96:UPDYcJ+nx4vVp76JX7zBlkCg21Fxz4THxtrqw1at0JgwLEjo+OB3yUVCdl/wNj+l:UPtkuWJX7zB3kGwfy0nyUVsxCjOMb1u

    Score
    3/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      36bdf3e282ee81ea2f9a400604a55ff6

    • SHA1

      032c7337754bd9bddb71db20feaddad7837e0a29

    • SHA256

      c5bf321a3a2aace7b42014cf78a3d0fb3eec03b2c8ff00ad72445f56657377af

    • SHA512

      58a99987fb63e392632f855f97f945bfd9de941788905636807a925b711db290370965875f1074478ce40ec4cd6f9e671a661e14c14a17ddceb08df692fe9c5d

    • SSDEEP

      96:3ip41CMj95rKhkfL5RkEdKkcxM2DjDf3GEEE9v5E9av+Yx4FndY7ndS27gA:3iujesS4HREEK5MYxwdqn420

    Score
    3/10
    • Target

      $PLUGINSDIR/nsRandom.dll

    • Size

      21KB

    • MD5

      ab467b8dfaa660a0f0e5b26e28af5735

    • SHA1

      596abd2c31eaff3479edf2069db1c155b59ce74d

    • SHA256

      db267d9920395b4badc48de04df99dfd21d579480d103cae0f48e6578197ff73

    • SHA512

      7d002dc203997b8a4d8ec20c92cd82848e29d746414f4a61265c76d4afb12c05bce826fc63f4d2bd3d527f38506c391855767d864c37584df11b5db9ca008301

    • SSDEEP

      384:LCHDPMs4GdtyO5roguusMxUXiO3wOw95euooP2UgKbd9BvNtf:LCHD6Gh87MKXil/5r2U3z

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $TEMP/$_9_/MyNsisSkin.dll

    • Size

      324KB

    • MD5

      c42575c6e2e273c04eb7bc3e4119e337

    • SHA1

      658e3d042e28196a321ee6446b9e6845d5478abc

    • SHA256

      9f8c4e9ae3d8b764f860b19024ce077a26758d79eeed309a475fa152b7a1f736

    • SHA512

      b1743d6804685da6c8ea2cea2d91c2f98e2e2ff9eaeccc7d873f1f90eb58f43c50d17b9acb309e71eb94c3b38f5dcc6736d2f0fc2c1a089eae4cca8d4743c308

    • SSDEEP

      6144:FOrNKQjNQnWqJolkFucBm1fXr9ICcYerKJbYm3IyU:F4NKQjNQfqOuEm1fXncdrKJbJg

    Score
    3/10
    • Target

      7za.exe

    • Size

      574KB

    • MD5

      42badc1d2f03a8b1e4875740d3d49336

    • SHA1

      cee178da1fb05f99af7a3547093122893bd1eb46

    • SHA256

      c136b1467d669a725478a6110ebaaab3cb88a3d389dfa688e06173c066b76fcf

    • SHA512

      6bc519a7368ee6bd8c8f69f2d634dd18799b4ca31fbc284d2580ba625f3a88b6a52d2bc17bea0e75e63ca11c10356c47ee00c2c500294abcb5141424fc5dc71c

    • SSDEEP

      12288:myyKdVnyNhXCV4EkP7AIfzNXZ0b5NrnkcAqIV0A1caRI:mKvyNhXCV4E8BXAfrnkcAqU0A

    Score
    3/10
    • Target

      Greening.dll

    • Size

      263KB

    • MD5

      82ccb4dd63833063abd1c56ea80b529a

    • SHA1

      bd89dae631cb68e5fa0c53accc83881f7cd365b3

    • SHA256

      e3dccccc8f63981e528b0823a149f234bfd7cb56a23618f5004e379f8ada7183

    • SHA512

      c908c553b7b9b7053c5938e20fe3ff97591097c3237554da3197b4d078b24cd12a5bb01597347652c422aaa920e86dc38a3776b96a6cfd46222798a3f8036867

    • SSDEEP

      6144:S9uLRNaFnxyidtru4FXUPsGCtCleOS1fEPx:S9uLRNib8sXUPzl3wEPx

    Score
    3/10
    • Target

      NsisPlugin.dll

    • Size

      94KB

    • MD5

      b1934c6af2fbd347173e427e56df95d7

    • SHA1

      f92082c990a6480080b830ef4bd07598a8859d4e

    • SHA256

      fb9a660beeb95bda853512b94c3d3f46b672d6ffef7d969201b24289a476e69f

    • SHA512

      2156cf6cc817e29fbf27445ca9954d4f14de89b1c3357f303762e5228c68e286978d2b81e97eb3e56e3db02ca028a86260f2646275441b34f7eecf4aff7ac746

    • SSDEEP

      1536:2js5fqoXWm9IJGXtnZFaVjt1caUsWjcdRrZ5bVHfiXYd:X3VpP6HbRrZ5bVHqXE

    Score
    3/10
    • Target

      aq7z.dll

    • Size

      94KB

    • MD5

      53014f3764238d08a48590e2e1f5f4b9

    • SHA1

      d29a5a32e894f6fa589468f855ac99e6f547af00

    • SHA256

      f06254e552c975775d570f1278a2d3c48f61a8df100b0d138110316b47c91823

    • SHA512

      4c91352728c880a5db4256a5d9090d9af956fa3026a5b46464b5f09a67e11cb782db83b43f8ec08926268ec735a9a6bb3f7eca82e714325a7f6299a8e463f28e

    • SSDEEP

      1536:YHVYz2JZuFaPVRqykTUapbaGcW+JsWjcd+DVle27+i:icsZD+yQlaSx+VsG+i

    Score
    3/10
    • Target

      aqhttp.dll

    • Size

      276KB

    • MD5

      3c9ec661f20ee6ca4bb17cfe7c0a5174

    • SHA1

      9b9cbfe0e640d7e97c9c6caa5eb5fa9160cfcfe3

    • SHA256

      71fd49b5c6af695e92eea36794025fca1b629cba62be6a5cdaf37648dd412c98

    • SHA512

      2eebe718992a392c9a57a99cd3414e3a52fd14f06d52974d7700d57d9cf6dffafe80061f6f872edd4173982eabb95abbd99694760ce3fb35377513a8cf13ca5a

    • SSDEEP

      3072:Vc5zhpoq5HD2d2G110e8Z8pbachkddtldc2rp6uaGckcdrpgAuhmoTeQubqXK5+0:VCzhGYlI0e8chctlJpZHcPUXKj2WXNZ

    Score
    3/10
    • Target

      flashplayer_10_sa_debug.exe

    • Size

      6.5MB

    • MD5

      3665e31c5653d901ebe91aae996a8530

    • SHA1

      6bc5727f1df7c7f12f0b5645d277a5b721be2d4e

    • SHA256

      8a2b1fb21ef790c487c84c86274e67917bf7d258fe0b43f4132c1e33da402c90

    • SHA512

      3e2d346a8ebc514249028dded739e99644f5b1bbf1ac8ba5938e1c45d5f47fd1dab8d43b97e8949a05c365278b374c2bddadfd561ba93097390f38d4145ccc67

    • SSDEEP

      196608:gcFfSYaBd1U22l8oG8qbfTmkstz3IRNPsD9cV:N6YN3GBmkstz3p9G

    Score
    3/10
    • Target

      flashplayer_11_sa_debug_32bit.exe

    • Size

      8.9MB

    • MD5

      aa504203f63dce187b370924c3d2e1b8

    • SHA1

      b6f47758f394a85cf7b4912d1e15b5e56e3b9d45

    • SHA256

      b430688b6f1c9796c69a4dd5df0c79533d5ce4c338bf5cf46b18afe745c16f76

    • SHA512

      d7492611ad8532e88490fd9eaaf93938263a4374da0f40c2672cebcd22b085d580c229f882450dd6b3be5e0219ded1c7bef0b34cba45b4678846192dabee8257

    • SSDEEP

      196608:YaaEBKG9DhK5MnCMm4qCVeiuHMco+q15Fq+/0s/O4:YfEZ7Vm1iuo+q1Ts4

    Score
    3/10
    • Target

      Խ֮ǹ޵а.exe

    • Size

      1.1MB

    • MD5

      412637a474719528bd6858303688fbea

    • SHA1

      a803ba1adc0c3c1b5c162a450bab8e8f6d0bad5a

    • SHA256

      4d3d68f0100ec0e12584f1ff8de15f9b0a8e029af756100bf03023554e5afcdc

    • SHA512

      62fa643e0022db6f377fcede9b6889c6a03884f4277c17a3dec1333f3b7d652f5265746064449f179c020a8636687c70116601498d1e862583252eec35188808

    • SSDEEP

      24576:mzKlBrfjrN5YJH3cZk4wcCgKjhyxXGbu9ASv+CqxkIG+3c:VfvNaMW4fPGjSvxqxkIGYc

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks

static1

upx
Score
7/10

behavioral1

discovery, upx
Score
7/10

behavioral2

discovery, upx
Score
7/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

discovery, upx
Score
7/10

behavioral12

discovery, upx
Score
7/10

behavioral13

discovery
Score
3/10

behavioral14

discovery
Score
3/10

behavioral15

discovery
Score
3/10

behavioral16

discovery
Score
3/10

behavioral17

discovery
Score
3/10

behavioral18

discovery
Score
3/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10

behavioral23

discovery
Score
3/10

behavioral24

discovery
Score
3/10

behavioral25

discovery
Score
3/10

behavioral26

discovery
Score
3/10

behavioral27

discovery
Score
3/10

behavioral28

discovery
Score
3/10

behavioral29

discovery
Score
3/10

behavioral30

discovery
Score
3/10