Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

dace0deab0...18.exe

windows7-x64

7

dace0deab0...18.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/mmm.dll

windows7-x64

3

$PLUGINSDIR/mmm.dll

windows10-2004-x64

3

aview.html

windows7-x64

3

aview.html

windows10-2004-x64

3

htmlayout.dll

windows7-x64

7

htmlayout.dll

windows10-2004-x64

7

zaika467.exe

windows7-x64

zaika467.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dace0deab0b9b408694e6e88517397c4_JaffaCakes118

  • Size

    2.4MB

  • Sample

    240911-ve41nsscrb

  • MD5

    dace0deab0b9b408694e6e88517397c4

  • SHA1

    fd683dc4bed73009a701df0a0d07733401fbd282

  • SHA256

    c22279b381ab4fe6d423b9912e251e0cb17197b32d279b35d71925886fd793ad

  • SHA512

    8b036b5d7499655261cd8f6e0853098d5e20cfbb08d51838e9006c6cf162e8150ea39fe8f49986e0abcd437728b84095c198c38795d6cdf316b7e749cfc238d3

  • SSDEEP

    49152:rQRc8TIz0JbgVL0eGIfQa5XXB9Lp2rgrPjEWNBrCaEXIPn:8RcM2L07ID5XLUr27pNB+Xa

Score
7/10
discoveryupx

Malware Config

Targets

    • Target

      dace0deab0b9b408694e6e88517397c4_JaffaCakes118

    • Size

      2.4MB

    • MD5

      dace0deab0b9b408694e6e88517397c4

    • SHA1

      fd683dc4bed73009a701df0a0d07733401fbd282

    • SHA256

      c22279b381ab4fe6d423b9912e251e0cb17197b32d279b35d71925886fd793ad

    • SHA512

      8b036b5d7499655261cd8f6e0853098d5e20cfbb08d51838e9006c6cf162e8150ea39fe8f49986e0abcd437728b84095c198c38795d6cdf316b7e749cfc238d3

    • SSDEEP

      49152:rQRc8TIz0JbgVL0eGIfQa5XXB9Lp2rgrPjEWNBrCaEXIPn:8RcM2L07ID5XLUr27pNB+Xa

    Score
    7/10
    discovery

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/mmm.dll

    • Size

      7KB

    • MD5

      323a34a899ac07858724a9d6bd98845a

    • SHA1

      6157e087b0725a0aa0999baf993f7c5bee82ac06

    • SHA256

      dfb7b7e988368767d663ffbabd5e3d7fc054934237f60c71fc7530fd22e7e7be

    • SHA512

      a73754faaeb3628a8dfe6aa742306551040a2209117c491a4c3f87893b224a81a1227843598c5c3486f38e9c77a1a8e178615922b822c03956d317d150fe2fae

    • SSDEEP

      192:nfmgqB6un6RfJ6ewWU/5VYFLppWFuZQiQpN1Yy:fmgG9nkhFhfFLjWFuZQi0NZ

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      aview

    • Size

      669B

    • MD5

      564600807066146dc368c6627026b72d

    • SHA1

      4292d27223db0deb65a1f5ae8d640defe5342bec

    • SHA256

      dc4d12525d8287d781533e093fa4206c6be2400b52a8702a62c7ccde18909ade

    • SHA512

      4dff77f1f5e0ba38b3b7d19cd6c01857b7086a0ee52acda2a90c019fdbd5ca7419ef891885b445acf957eb7d0df81fc1b3d618ae3449f135a119af6528f28778

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      htmlayout.dll

    • Size

      850KB

    • MD5

      6d86e3a49392da678589c3e5eb82f9f3

    • SHA1

      b7325e2acbf6b2135e3602379a66c3b22247081b

    • SHA256

      17713d3a76a1f4b8d31e80bfb4a1ff666750c413d28cd744419a0e2b108cd891

    • SHA512

      0b616aa6a36513ab432203ba2276d5221234f11b89cd1b789a6cde0d282bac6e5a5a17af34073b061f9fb7b360a9853a32493b1aa120efd8ae94ba0bdaf44dec

    • SSDEEP

      24576:3KknMZK2dJ8nvRJJIpkNJWH6Jh4CfGzE5bE4Sd:3Pa/dmokNw5pz8Y4S

    Score
    7/10
    discoveryupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral10behavioral9

    • Target

      zaika467

    • Size

      1.1MB

    • MD5

      7e3cea57209155ae1d94683d688ffc0f

    • SHA1

      112c9c9d15ca6511cb10d92dd5ca46d412c627fc

    • SHA256

      5053b544586950fd5770e95250ce8229c5f6f78cfd0feeed489fd40f55abfba7

    • SHA512

      67e556e581d6f76516f3f404e819ff7523a518bc18b4e80851cc3d021635a5032258e3676b099f037d99747d5d8698b7af627fb6d97c8a900495663807f589c8

    • SSDEEP

      24576:kB1K9Bv7+JXvo2q504Azq7JOlXHTYbDOMz8PopRl0rb:S8t+25079XTwDOtopH0H

    Score
    1/10
    behavioral11behavioral12

MITRE ATT&CK Enterprise v15

Tasks