Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

9

cfd01b8d44...18.exe

windows7-x64

7

cfd01b8d44...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

smsniff.chm

windows7-x64

1

smsniff.chm

windows10-2004-x64

1

smsniff.exe

windows7-x64

9

smsniff.exe

windows10-2004-x64

9

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cfd01b8d442ffa4ce981ee246fdc99ab_JaffaCakes118

  • Size

    151KB

  • Sample

    240906-sjns5ssgkj

  • MD5

    cfd01b8d442ffa4ce981ee246fdc99ab

  • SHA1

    48df4ac24df3fd0d6fa5b2f745fb00a1d30e7735

  • SHA256

    267bdfcd1012dd782dc67d24841b02c793efb43aa7cafb65f17c85fd63c70a1e

  • SHA512

    68361616805a94ff038bd0204e6188403b41735251151d57b6e2692daa7a34cd19df99d80af74cf4a055023627443af677a890e0a963213b227e5e7ec5db9d29

  • SSDEEP

    3072:Qd/vyWmJe45UX9rJx1klW5qzEmu0qtHmMH2Q4+GBlyDLR:QXptXlYzEmu0qtHmVQ4+dR

Score
9/10
discoveryupx

Malware Config

Targets

    • Target

      cfd01b8d442ffa4ce981ee246fdc99ab_JaffaCakes118

    • Size

      151KB

    • MD5

      cfd01b8d442ffa4ce981ee246fdc99ab

    • SHA1

      48df4ac24df3fd0d6fa5b2f745fb00a1d30e7735

    • SHA256

      267bdfcd1012dd782dc67d24841b02c793efb43aa7cafb65f17c85fd63c70a1e

    • SHA512

      68361616805a94ff038bd0204e6188403b41735251151d57b6e2692daa7a34cd19df99d80af74cf4a055023627443af677a890e0a963213b227e5e7ec5db9d29

    • SSDEEP

      3072:Qd/vyWmJe45UX9rJx1klW5qzEmu0qtHmMH2Q4+GBlyDLR:QXptXlYzEmu0qtHmVQ4+dR

    Score
    7/10
    discovery

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      3809b1424d53ccb427c88cabab8b5f94

    • SHA1

      bc74d911216f32a9ca05c0d9b61a2aecfc0d1c0e

    • SHA256

      426efd56da4014f12ec8ee2e268f86b848bbca776333d55482cb3eb71c744088

    • SHA512

      626a1c5edd86a71579e42bac8df479184515e6796fa21cb4fad6731bb775641d25f8eb8e86b939b9db9099453e85c572c9ea7897339a3879a1b672bc9226fcee

    • SSDEEP

      192:i6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxT7K72dwF7dBdcQOz:i6JaVh4I5rpPbT7+BdhO

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/StartMenu.dll

    • Size

      7KB

    • MD5

      8262fbc2a172ff04146e7587649d7091

    • SHA1

      628be3fede2a79d4b321b12f979711caf77e8a7e

    • SHA256

      ac53840d019b746ab5dabaa40d7720c9a4487c861b155926454bf8b10bd0963d

    • SHA512

      8e11f1f1811a424b1ae5ab8e064d5313adc118ee7607f6a6f9b9976647ca6c91496133d5575d4737386a1485f39cf6fd074dbfd619807f42fe148a640186f639

    • SSDEEP

      96:Z+rBC0x22epxPEvC4FkWE+in1/FMvsCGRfRFqCB5tXGhEl5VN:Z+FepxPE1r8/FtmCDtWg5v

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      smsniff.chm

    • Size

      18KB

    • MD5

      406e807947b81980c9fc16035b671064

    • SHA1

      c986aa02772f436451c8b10a7b1c091b405606f0

    • SHA256

      8b908765fe9c279a276fa7d5593bf44ff7616dd1e56211e1bcc329a22ded557a

    • SHA512

      69dd2dcdfb92cba644bc6342ee93f6b1a14e246834a5563229e80d54152364419f1ffe5a5d9569d24133de9f484d17788be3fcb741fa65f693d57acffcb6ee61

    • SSDEEP

      192:gIxHNJrOsFvFrfGXYmSGK2NhhF2qkVzcJ5AMiuVxEcCNfi7xBkYdsisX:gIxfLFiYmjKeh66J/SK7x5+HX

    Score
    1/10
    behavioral7behavioral8

    • Target

      smsniff.exe

    • Size

      71KB

    • MD5

      28f2d8e22d55bd07f42821cb439bdb44

    • SHA1

      eb5ca1598a3c65cf20a36b3567ffeb8931c256b7

    • SHA256

      c92044a80b93ce86f42712d4422d8f3827cc433ae3900177769fd10be15a8790

    • SHA512

      68314df06d434137a3c387092f7472f03b3077982a897c37b2c9e4ecc9a5de2fafc0daa313e91248ea50f5790d40a8e7eefdc15a19d831e454abd81bdd7605b8

    • SSDEEP

      1536:JKbAlS64Og9xicaJ9c9eQw3QB6kxObQZA9wDHRV0lzzRniIU7QHaL3vi/K1:M6gX0c9eQ4QB2YA9wzRilxn7U7QHaLf7

    Score
    9/10
    discoveryupx

    • Detected Nirsoft tools

      Free utilities often used by attackers which can steal passwords, product keys, etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral10behavioral9

    • Target

      uninst.exe

    • Size

      46KB

    • MD5

      95e89b1e4a5d8deec95a4cf33a573d2b

    • SHA1

      147283a4a65535fa17dda67e0c0882c0bff65a27

    • SHA256

      c63d4002857e41e9aa9527a1c8ba3c7363e73d06907c1f6ecd54bd1f7a1728e9

    • SHA512

      3de03c0800bc2ba470edb566d5290790a229b52bbd7ae09e4d619f33746e36dbcee73debcbb6e1fbb6e1c0dce9f952e215363e6defe1738a96046abde2b1f9e5

    • SSDEEP

      768:s/UpAHiGjRQ1kkjH918xnyzOp7OssT1pF/O71mJ/6gd2iZQAm6kRRS+NoJRneH:QUeHiWRgkkjH8nyWmJygdLeAyNxH

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral11behavioral12

MITRE ATT&CK Enterprise v15

Tasks