General

  • Target

    d2c7d63c694a25c7bab66ac236813a8f_JaffaCakes118

  • Size

    1.4MB

  • Sample

    240907-zbbl6swdkc

  • MD5

    d2c7d63c694a25c7bab66ac236813a8f

  • SHA1

    6100215137567ad4231f5fc7bd63d7f8dbab9ba1

  • SHA256

    65c3e6e9dc7f50876122c004d13575354b629b6972a48ca566587663acfb7231

  • SHA512

    7e281647d2ed5568ed7039354055e1e3b386432e0ef8f63638be9079a1385ce0ca32175e124eca86fae50f008641c70cbd5dc18d18b373e0f72e05da0faea34c

  • SSDEEP

    24576:7K54NfjDovgy2Ez5pzQHz5CPcKfo/zE0eMTYVWQa3SF9+3NS9:7JjD01p5pzQHzEPg/4jMEVoCFYo9

Targets

    • Target

      恶意软件清理/RogueCleaner.chm

    • Size

      381KB

    • MD5

      07611b6ce73e6b2b4b113d2400aead31

    • SHA1

      4b13d3fa4c33d688b49f9131104205c905c0f764

    • SHA256

      7790a9291b8d29663653831d4cf01d9b22a1ac3f851398a463549402ebaad7e8

    • SHA512

      5898d98ecd49a61a643240c3e39d6ad646d40555375e42220a073296039bcd436778744c068941b015d9d69f85141b457b341c08c9d13b67291aea99de37d360

    • SSDEEP

      6144:VYKhp9er06N7wSq4uxl41mM/6Yqg3GlJ9v7TDW7RHHgDZrjdKYVCuSvKiSEdQEnB:j9e46N7rq44lxrlHjW7RHgjKYVCG2ZnB

    • Score

      1/10

    • Target

      恶意软件清理/RogueCleaner.exe

    • Size

      465KB

    • MD5

      fd3f3626f88d339741342f958271b916

    • SHA1

      8c0c4a063dbaed42fb76eab109652b47697bac95

    • SHA256

      f7e066198a4186c5e63ab154e4ce11453dae45a331ea441657859516b1346e0a

    • SHA512

      051f21400486e5fd038780849788d5094a00da91c8a1f5c930a71f21c4252a734bb523c8349f4d887b63bda694649a837b62c4c533ff7f652b8f8e96f6a2ed41

    • SSDEEP

      12288:Kh13U2jMtszYKQ2Mrz9u11Qo5iT690SINvoJ:KPk2jMts+z9qQGiT6970e

    • Score

      7/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      恶意软件清理/WinSockFix.exe

    • Size

      46KB

    • MD5

      4750ccc6cc08efdeb9cc31b4064bcfdf

    • SHA1

      694674bd9eaf7629941937f02ffcf39eff7d6f60

    • SHA256

      9c8d26fab93e94ae24198001a063a683aa1f282d01cbda614028694617a786aa

    • SHA512

      9e0112810e12a7122bb117fedd4e62f16ca6d830e52252e01a27386d16751adcc4e1028a0e727a84016da340ccab4d201c4e00166cb17a693e0d5f55676f45e6

    • SSDEEP

      768:EP9kQMZgu7Q5w09GPJ9+n2mLgALHJeT2KLECGAFRRSG+oFGK7KJ6+XpeUDvjSV3G:E1j7a+nNLgAL225CGAFRVMH5nLjU

    • Score

      3/10

    • Target

      恶意软件清理/rsclean.dll

    • Size

      192KB

    • MD5

      af3c6dc20c0c7ece1dc6370e16f10cc8

    • SHA1

      219140b111cbd49b77e50b3942a53f6131a231bc

    • SHA256

      d312de9529f34e0606937682a5b34bd9a10b001bd5a04c4b761c79cca429d1dd

    • SHA512

      6bffb0ad8da75070b889eac520e1dc86173f13921f5b088273d73116f90cb14e243bc0a8059f9fb29324d2d21a6ac2af43f86dc76219ea40b6eff722414c5ee7

    • SSDEEP

      3072:JfziRnGqHqcWlLOFJW9w0UCFlu2TUwK3w3CoaqbZ/7/QO/4xzEik8GI2CucC2L:ZzihbHqeWGUIwK3wyolQhucC2

    • Score

      7/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      恶意软件清理/rsdefine.dll

    • Size

      988KB

    • MD5

      f9bb3b59dd4f7d79bb7175e7ca21d313

    • SHA1

      337f6c59fc3ab5d7e9f0faac23ba7ac4dfdb80be

    • SHA256

      76e2e107e4e3ef2599fe264f9eb5cfc7995fa09e81dfeb800a2ae2399adf3f39

    • SHA512

      520f112577a259f8a5537822e7480414879a415a6c6e5ac7e58f55ff2d5720f2690013e2d283b0045c4f6a0ec9ec89b7ac523e7f93ae4b2bda40b08b25737c62

    • SSDEEP

      12288:nuCOFaQ6vqFUhd2zc2D13zRJvt0fFZp3zcn5JMkwpGeZ+:dPiFUhdCvt0fFZp3zcn5JafY

    • Score

      1/10

    • Target

      恶意软件清理/rsdubsearch.dll

    • Size

      192KB

    • MD5

      caa862b78c7681cef2b4d35ef6778e94

    • SHA1

      8afb02f6be5591505e840fb984146f894ab4834d

    • SHA256

      d6c1fdb7515382a562d81507b736100e8d033d11ec721cb713c789b6e4deb221

    • SHA512

      6df6a8065e6b650781e0a2b9f3a267c7cdf8df0bca3006746e77f98e0f9a67a45f2715cbf1ea416e00facf9f79c75ccd6520d9b0f5acb53640234e147c43f36b

    • SSDEEP

      3072:SvRfLrSiCgnis2P8w1eP+RdviH4VdIuWHabc6AZq8/j+1Q5MjPEVmYBKi:SvJrAs2EB0dKYVpWHabczJ6QB

    • Score

      3/10
