Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

dbbaae6190...18.exe

windows7-x64

7

dbbaae6190...18.exe

windows10-2004-x64

7

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

$PLUGINSDI...ge.dll

windows7-x64

3

$PLUGINSDI...ge.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$WINDIR/ls...py.cmd

windows7-x64

1

$WINDIR/ls...py.cmd

windows10-2004-x64

1

LingvoSoft...ar.chm

windows7-x64

1

LingvoSoft...ar.chm

windows10-2004-x64

1

LingvoSoft...fo.chm

windows7-x64

1

LingvoSoft...fo.chm

windows10-2004-x64

1

LingvoSoft...lp.chm

windows7-x64

1

LingvoSoft...lp.chm

windows10-2004-x64

1

LingvoSoft...te.url

windows7-x64

1

LingvoSoft...te.url

windows10-2004-x64

1

LingvoSoft...ll.exe

windows7-x64

7

LingvoSoft...ll.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

00lsFRAR.html

windows7-x64

3

00lsFRAR.html

windows10-2004-x64

3

LD069D~1.html

windows7-x64

3

LD069D~1.html

windows10-2004-x64

3

LD13C4~1.html

windows7-x64

3

LD13C4~1.html

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dbbaae6190ddcaadd6ec4a95f6a350e5_JaffaCakes118

  • Size

    2.9MB

  • Sample

    240912-d1c1msyfrr

  • MD5

    dbbaae6190ddcaadd6ec4a95f6a350e5

  • SHA1

    e81fc3f4e40f2df579243a0bcdd16dcf557b33d3

  • SHA256

    c1019ece5e1779bda9a8a5a072d9f3806e655a489ddae31fbb4f4eefe57651d3

  • SHA512

    5e5cd268ead752e96ada805736235f0d50ba439a31f6c81db6716c11d4cb0b71ce3013b735cb82b073e871b687ec2942bd8980e1de1407126de4e5880a9ef251

  • SSDEEP

    49152:Zoj+bo81Qucgm0k7fmYPQ0deKFOZ2A6XqAZauEnuDA1vbfDmgPI4CKVm2Sd3KhuR:ex8qhwkLmYo0deKq2AObZQKwvHf3zV5i

Score
7/10
discovery

Malware Config

Targets

    • Target

      dbbaae6190ddcaadd6ec4a95f6a350e5_JaffaCakes118

    • Size

      2.9MB

    • MD5

      dbbaae6190ddcaadd6ec4a95f6a350e5

    • SHA1

      e81fc3f4e40f2df579243a0bcdd16dcf557b33d3

    • SHA256

      c1019ece5e1779bda9a8a5a072d9f3806e655a489ddae31fbb4f4eefe57651d3

    • SHA512

      5e5cd268ead752e96ada805736235f0d50ba439a31f6c81db6716c11d4cb0b71ce3013b735cb82b073e871b687ec2942bd8980e1de1407126de4e5880a9ef251

    • SSDEEP

      49152:Zoj+bo81Qucgm0k7fmYPQ0deKFOZ2A6XqAZauEnuDA1vbfDmgPI4CKVm2Sd3KhuR:ex8qhwkLmYo0deKq2AObZQKwvHf3zV5i

    Score
    7/10
    discovery

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/AdvSplash.dll

    • Size

      6KB

    • MD5

      c2b0653b5c96f8c9a0d07d157739006d

    • SHA1

      026734bde377a73bc70815ec71225f3025ddba80

    • SHA256

      cededcb856f634d96f6a52ebfad5f0a7992160bd59e56b4fcb29a4d8dded4b52

    • SHA512

      293e9badf2f960c0e1ad82920061977dcfd7ba470918d0ac659f2446783306268410a7de9eb03c78c4a6e44f62c521c83b4335c7474bfe47ea8321fe801af2fc

    • SSDEEP

      96:0QNyX2PtUZsMGe3SlFaqqhN51xWa5kkEkk/StCVwookyc:0FXYtxWSf61vk/kkStCVRt

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/BgImage.dll

    • Size

      7KB

    • MD5

      8ef133159dacbae0af1df462947380d9

    • SHA1

      35cb496273f5f5bd106e56f5da5964fac9df8352

    • SHA256

      0fa63770dcffdd96abce6f29f47356d7cd2294b5da33bb709a567368b3bb0ae9

    • SHA512

      8280131d6e65eb79b2621269113a845a27decde1fbc2ea5a72c6416ea9285c768fdd167c961e5889754d2d6a97105b1c91f97234af4520b3a80c98b45bcc7363

    • SSDEEP

      96:LcuJQGDD6lKsLcLGRpHZwlkxYWaSsZL5JR3n1zDUsc:gumGDD6BgLGR4ZLjB1Usc

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      b18dfaded8f6d2380fdfd8f6b6969211

    • SHA1

      969fa0e906240ab1123254feeb833c275626cf76

    • SHA256

      747d0222b652dbfc85e0de4f8486473662d325a55e32c7eacb91e53e37ceba58

    • SHA512

      25fb09b8657997d31e61c908f1cd08357c1a1b68bbb1ba377e87b6a3eb347a2ef96c1a771b6c4332853abb33728c55c83efa73df5da03f3dfc132f8a69a2886c

    • SSDEEP

      192:66JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTLK72dwF7dBdcQOz:66JaVh4I5rpPbTL+BdhO

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/LangDLL.dll

    • Size

      5KB

    • MD5

      9b17a13f814b137f88b961c087858063

    • SHA1

      c290dd3139b79aa340aec3ed3d674160433035e1

    • SHA256

      e54792a179a06acbb9b69c117ee804dce070505d1853d6e7d512f2a055a801b2

    • SHA512

      3a625f5f13e344c24973c79c074d1ced4d9206f87f392dc7c8f0c116d0f2b878b60340e2377d0240c47f0e34e25e4e3af8b196bbca1c6a29a0f51d8408e8b0ec

    • SSDEEP

      48:SnNQ/z+vUML8eYXICmlmGYKHz0JSpXSxwo6mpwzcR3RqG8aEJcABofgMGKO:Bz+MM4eqmvz0JScx56mpwzAhWcGV

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/UserInfo.dll

    • Size

      4KB

    • MD5

      d9bfc172ffb915cb6e07759674844993

    • SHA1

      42775b7eacb8c24c82aa496bf6b42b8e60c94b53

    • SHA256

      9ef619bef78d71437d2d332244b405f7dec82a11c8e5917bcbb182b91fdad5c2

    • SHA512

      846e5cb7f45d1d1ac41c150823daaf2299730ec347b5c5e640250953ec88df3c63005cb835a708ef940777d8cbeb3a97b252db9e627fd87245a115c20b670735

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      $WINDIR/ls-rkf-copy.cmd

    • Size

      384B

    • MD5

      aee5e228294361b785a9f482759d6ad9

    • SHA1

      d0c77829472a7bc876fa4ff5d453e86cfa2a2c3a

    • SHA256

      4f3c59c72939f5d28e9f3877586e776682fa80f9b8397d94fbc25ae3fd27a342

    • SHA512

      895f43e5342f87f2bbe2d18d6aa878dec011f1c2e54ecb9ba6506c5dd4771ed25ab0073832198067fdcfc5b3de8f6cee4bb0ceab16f05dbe69b566ac3f4f8109

    Score
    1/10
    behavioral13behavioral14

    • Target

      LingvoSoft Dictionary 2008 (French-Arabic) for Pocket PC/Grammar.chm

    • Size

      51KB

    • MD5

      f29a2dca02ece45d16cf4e198bae34ba

    • SHA1

      2c9ea8dec83614d45c0c7ce26765e9af00bdf86f

    • SHA256

      84a440876cb70b9948f5a914caf3bbceb14588de007c0cda14976277d7d7047f

    • SHA512

      130999ca5cfb386a258462bfdb7b3ff64e53c6e664a454e2d1e750de9b49004a37004bdd6b8517028c4e972da1386944fc52da6dc97911c333066d13fe1da924

    • SSDEEP

      1536:s/yZM55BHzrOOjwujPWMES2rVvmJSdeho6:HMdHzKOjPWMELskde/

    Score
    1/10
    behavioral15behavioral16

    • Target

      LingvoSoft Dictionary 2008 (French-Arabic) for Pocket PC/LangInfo.chm

    • Size

      422KB

    • MD5

      6e8849cb5cc38dc261c4eea5f65ea11f

    • SHA1

      aac8869f38055c69fea3e922d8b9ef71fcc39fec

    • SHA256

      0f971db561f4abc852bfe7d93106e168c3809b76ea8da188be1b72d45cea987d

    • SHA512

      88b5ff35deff7451725650ef479ba90ba5ce833925b6fd6fa84a99df332ca4a31a6048bf5db68c97b483fc8b8aabc73544c1c2a63b5159d4b9d1f0c20b835e81

    • SSDEEP

      12288:g8xgjrjWxwZvpPODX53sUq48QnD5F7VuQvU:vGpUX51F8QdLub

    Score
    1/10
    behavioral17behavioral18

    • Target

      LingvoSoft Dictionary 2008 (French-Arabic) for Pocket PC/LingvoSoft Dictionary 2008 Help.chm

    • Size

      327KB

    • MD5

      160a97272bd2e78d91ba800280bb5a8f

    • SHA1

      8d7a13ef781dcf403bc4b5d364858405104026a1

    • SHA256

      98568e7068b06876f914d3e5d3a21e2282113e8d62aa5f9a2fbb935f02d8bbf3

    • SHA512

      4731d1c59dfc8e90db6d7a6814515bdbd9511c65e2d9963e0974e1930261e3b2f4aa890c835301d442df53b0db6359909e1bf4200c5c87271cfef596afe67b6b

    • SSDEEP

      6144:hSt6PDPMLy6c6OvhkzTmLQKEqDAmHqs0mxA8QXNMfCPZfqN6jXUZuj0XMaNI0Xyf:Mt6556ihcKEMTHqexAmjWXULv3Xyf

    Score
    1/10
    behavioral19behavioral20

    • Target

      LingvoSoft Dictionary 2008 (French-Arabic) for Pocket PC/Lingvosoft Web Site.url

    • Size

      251B

    • MD5

      9a1a583cfd81573624d087fb154b9174

    • SHA1

      ae0fa6b1e7bb2724f0d8f9f04d76f8d8e53a9c2b

    • SHA256

      75048000175e368f386e4fa60f688988b8c55be86adb2cb9fb7f7727a65613ab

    • SHA512

      af1b1bab45f14139bd8fe90b0dc7b6d039d7a74c5f736a2105eb24855360f64c9448d6b1f0abcf2974b939917df5e361af9129a3b75ea075e3841c1f94cccb17

    Score
    1/10
    behavioral21behavioral22

    • Target

      LingvoSoft Dictionary 2008 (French-Arabic) for Pocket PC/Uninstall.exe

    • Size

      88KB

    • MD5

      1e545d248bf7a7e3cfc9a5763839ee81

    • SHA1

      dc11724f951b42c1f374ada74bf13d220ea8314a

    • SHA256

      c0e15406965faa23757e9b1838aecf92742d010947e71ba83fa286e545f10fdc

    • SHA512

      d890fd733022b31ba63d23a8fa124b70208ab054eb11625f9188519a541eca46e408517382db9cdc52a187baba00d341984c76bb36528e5f8de87442e1fa3281

    • SSDEEP

      1536:ezVmz/J+Oku5zR+QmJsfoZsWWXZ5Tf5TTPoEDdKSMxgeJJs/8wl:GYUOXr+QmJ9O53g4dMDmR

    Score
    7/10
    discovery

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral23behavioral24

    • Target

      $PLUGINSDIR/LangDLL.dll

    • Size

      5KB

    • MD5

      9b17a13f814b137f88b961c087858063

    • SHA1

      c290dd3139b79aa340aec3ed3d674160433035e1

    • SHA256

      e54792a179a06acbb9b69c117ee804dce070505d1853d6e7d512f2a055a801b2

    • SHA512

      3a625f5f13e344c24973c79c074d1ced4d9206f87f392dc7c8f0c116d0f2b878b60340e2377d0240c47f0e34e25e4e3af8b196bbca1c6a29a0f51d8408e8b0ec

    • SSDEEP

      48:SnNQ/z+vUML8eYXICmlmGYKHz0JSpXSxwo6mpwzcR3RqG8aEJcABofgMGKO:Bz+MM4eqmvz0JScx56mpwzAhWcGV

    Score
    3/10
    discovery
    behavioral25behavioral26

    • Target

      00lsFRAR.044

    • Size

      18KB

    • MD5

      739c8094c4eb18d7857d105ea9647982

    • SHA1

      dfd744a52bec64cc506fa558110b6ea8e4a01b32

    • SHA256

      24ee04778f4303c0c4a5f1fd42d58b3a5e5088fe0f0219f95b17530ec3d0ac57

    • SHA512

      28c87fab3c6c906e3cb195cbaf93b0932e78573364a9cd338f7bace790d457e2b55bde9e0a929a4c06a65f5ef78e840b13ef3509adc4c1c8470b5614990ab824

    • SSDEEP

      384:cNLnsh2Yf/5HVMZoqlSPaqO6FPDk8h7fORpE00L8+wOZ1ZqcxnHsG5sMk5fj5l6v:dquVTO+r7HUl6gYQcR

    Score
    3/10
    discovery
    behavioral27behavioral28

    • Target

      LD069D~1.071

    • Size

      759B

    • MD5

      dbd3525dfb01d2aa4ef583347423cb28

    • SHA1

      b87aade3040a20b3af449e81f6550ff32541dcda

    • SHA256

      7fa9fce493b852587e1cbe423f1364e79203b8e70663e4295c9d0ea65eedc1c1

    • SHA512

      764cbb1174054e6ec2826eb660c21e309c7d0c400e5cf512fd1ea96286b30f7a549c6a56f0d46dcc4c9d3eca8dbb053577d6e62f5fc497bab315428609461e21

    Score
    3/10
    discovery
    behavioral29behavioral30

    • Target

      LD13C4~1.061

    • Size

      900B

    • MD5

      dda8e0e27361283cc53e93cb4c3c12ef

    • SHA1

      343eff79f69538548e21613292a9395890d4517d

    • SHA256

      78310939eadb1f528a186cdb35ab8db05ab612a5090f37518add6fe44ee96139

    • SHA512

      db175975942b4475b877038da1f9f30b6cb00791ace77ccc83788fb9ec1d0c634031826f415529095549348c55f361065dfdd08daf8d3c8067d57fdaee1b7bb7

    Score
    3/10
    discovery
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discovery
Score
7/10

behavioral2

discovery
Score
7/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

discovery
Score
7/10

behavioral24

discovery
Score
7/10

behavioral25

discovery
Score
3/10

behavioral26

discovery
Score
3/10

behavioral27

discovery
Score
3/10

behavioral28

discovery
Score
3/10

behavioral29

discovery
Score
3/10

behavioral30

discovery
Score
3/10

behavioral31

discovery
Score
3/10

behavioral32

discovery
Score
3/10