Overview
overview: Score 9/10
static: Score 9/10
cfd01b8d44...18.exe (windows7-x64): Score 7/10
cfd01b8d44...18.exe (windows10-2004-x64): Score 7/10
$PLUGINSDI...ns.dll (windows7-x64): Score 3/10
$PLUGINSDI...ns.dll (windows10-2004-x64): Score 3/10
$PLUGINSDI...nu.dll (windows7-x64): Score 3/10
$PLUGINSDI...nu.dll (windows10-2004-x64): Score 3/10
smsniff.chm (windows7-x64): Score 1/10
smsniff.chm (windows10-2004-x64): Score 1/10
smsniff.exe (windows7-x64): Score 9/10
smsniff.exe (windows10-2004-x64): Score 9/10
uninst.exe (windows7-x64): Score 7/10
uninst.exe (windows10-2004-x64): Score 7/10
General
-
Target
cfd01b8d442ffa4ce981ee246fdc99ab_JaffaCakes118
-
Size
151KB
-
Sample
240906-sjns5ssgkj
-
MD5
cfd01b8d442ffa4ce981ee246fdc99ab
-
SHA1
48df4ac24df3fd0d6fa5b2f745fb00a1d30e7735
-
SHA256
267bdfcd1012dd782dc67d24841b02c793efb43aa7cafb65f17c85fd63c70a1e
-
SHA512
68361616805a94ff038bd0204e6188403b41735251151d57b6e2692daa7a34cd19df99d80af74cf4a055023627443af677a890e0a963213b227e5e7ec5db9d29
-
SSDEEP
3072:Qd/vyWmJe45UX9rJx1klW5qzEmu0qtHmMH2Q4+GBlyDLR:QXptXlYzEmu0qtHmVQ4+dR
Behavioral task behavioral1: Sample cfd01b8d442ffa4ce981ee246fdc99ab_JaffaCakes118.exe, Resource win7-20240903-en
Behavioral task behavioral2: Sample cfd01b8d442ffa4ce981ee246fdc99ab_JaffaCakes118.exe, Resource win10v2004-20240802-en
Behavioral task behavioral3: Sample $PLUGINSDIR/InstallOptions.dll, Resource win7-20240903-en
Behavioral task behavioral4: Sample $PLUGINSDIR/InstallOptions.dll, Resource win10v2004-20240802-en
Behavioral task behavioral5: Sample $PLUGINSDIR/StartMenu.dll, Resource win7-20240708-en
Behavioral task behavioral6: Sample $PLUGINSDIR/StartMenu.dll, Resource win10v2004-20240802-en
Behavioral task behavioral7: Sample smsniff.chm, Resource win7-20240903-en
Behavioral task behavioral8: Sample smsniff.chm, Resource win10v2004-20240802-en
Behavioral task behavioral9: Sample smsniff.exe, Resource win7-20240708-en
Behavioral task behavioral10: Sample smsniff.exe, Resource win10v2004-20240802-en
Behavioral task behavioral11: Sample uninst.exe, Resource win7-20240903-en
Behavioral task behavioral12: Sample uninst.exe, Resource win10v2004-20240802-en
Malware Config
Targets
Target
cfd01b8d442ffa4ce981ee246fdc99ab_JaffaCakes118
Score 7/10
Loads dropped DLL
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
14KB
-
MD5
3809b1424d53ccb427c88cabab8b5f94
-
SHA1
bc74d911216f32a9ca05c0d9b61a2aecfc0d1c0e
-
SHA256
426efd56da4014f12ec8ee2e268f86b848bbca776333d55482cb3eb71c744088
-
SHA512
626a1c5edd86a71579e42bac8df479184515e6796fa21cb4fad6731bb775641d25f8eb8e86b939b9db9099453e85c572c9ea7897339a3879a1b672bc9226fcee
-
SSDEEP
192:i6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxT7K72dwF7dBdcQOz:i6JaVh4I5rpPbT7+BdhO
Score 3/10
Target
$PLUGINSDIR/StartMenu.dll
-
Size
7KB
-
MD5
8262fbc2a172ff04146e7587649d7091
-
SHA1
628be3fede2a79d4b321b12f979711caf77e8a7e
-
SHA256
ac53840d019b746ab5dabaa40d7720c9a4487c861b155926454bf8b10bd0963d
-
SHA512
8e11f1f1811a424b1ae5ab8e064d5313adc118ee7607f6a6f9b9976647ca6c91496133d5575d4737386a1485f39cf6fd074dbfd619807f42fe148a640186f639
-
SSDEEP
96:Z+rBC0x22epxPEvC4FkWE+in1/FMvsCGRfRFqCB5tXGhEl5VN:Z+FepxPE1r8/FtmCDtWg5v
Score 3/10
Target
smsniff.chm
-
Size
18KB
-
MD5
406e807947b81980c9fc16035b671064
-
SHA1
c986aa02772f436451c8b10a7b1c091b405606f0
-
SHA256
8b908765fe9c279a276fa7d5593bf44ff7616dd1e56211e1bcc329a22ded557a
-
SHA512
69dd2dcdfb92cba644bc6342ee93f6b1a14e246834a5563229e80d54152364419f1ffe5a5d9569d24133de9f484d17788be3fcb741fa65f693d57acffcb6ee61
-
SSDEEP
192:gIxHNJrOsFvFrfGXYmSGK2NhhF2qkVzcJ5AMiuVxEcCNfi7xBkYdsisX:gIxfLFiYmjKeh66J/SK7x5+HX
Score 1/10
Target
smsniff.exe
-
Size
71KB
-
MD5
28f2d8e22d55bd07f42821cb439bdb44
-
SHA1
eb5ca1598a3c65cf20a36b3567ffeb8931c256b7
-
SHA256
c92044a80b93ce86f42712d4422d8f3827cc433ae3900177769fd10be15a8790
-
SHA512
68314df06d434137a3c387092f7472f03b3077982a897c37b2c9e4ecc9a5de2fafc0daa313e91248ea50f5790d40a8e7eefdc15a19d831e454abd81bdd7605b8
-
SSDEEP
1536:JKbAlS64Og9xicaJ9c9eQw3QB6kxObQZA9wDHRV0lzzRniIU7QHaL3vi/K1:M6gX0c9eQ4QB2YA9wzRilxn7U7QHaLf7
-
Detected Nirsoft tools
Free utilities often used by attackers which can steal passwords, product keys, etc.
Target
uninst.exe
-
Size
46KB
-
MD5
95e89b1e4a5d8deec95a4cf33a573d2b
-
SHA1
147283a4a65535fa17dda67e0c0882c0bff65a27
-
SHA256
c63d4002857e41e9aa9527a1c8ba3c7363e73d06907c1f6ecd54bd1f7a1728e9
-
SHA512
3de03c0800bc2ba470edb566d5290790a229b52bbd7ae09e4d619f33746e36dbcee73debcbb6e1fbb6e1c0dce9f952e215363e6defe1738a96046abde2b1f9e5
-
SSDEEP
768:s/UpAHiGjRQ1kkjH918xnyzOp7OssT1pF/O71mJ/6gd2iZQAm6kRRS+NoJRneH:QUeHiWRgkkjH8nyWmJygdLeAyNxH
Score 7/10
Executes dropped EXE
Loads dropped DLL