General

  • Target

    dccf1c0ed1d79cdf5027d267bc903388_JaffaCakes118

  • Size

    1.8MB

  • Sample

    240912-w4vnzaxgpf

  • MD5

    dccf1c0ed1d79cdf5027d267bc903388

  • SHA1

    06ad34deb5955200e02c74b3aa125c994c51a5cc

  • SHA256

    574cde264f64a788c58bedc94a3d1202f769e7dae9f0212b83e830c8fa3836e3

  • SHA512

    d8e0c28a9063d623f6e4545b7944ce70dc89a394c6d15d6a1184886c9eca012917bffd64942eb10539932c553567af8cf12ef8911f609e8458963e870788d832

  • SSDEEP

    49152:QS7s8yBakBWZregyorXdVV7TjRPvUPlaKuAR9h:H7s8stMy7orXdv7P9vWwMzh

Score
7/10

Targets

    • Target

      dccf1c0ed1d79cdf5027d267bc903388_JaffaCakes118

    Score
    7/10
    • Loads dropped DLL

    • Target

      $PLUGINSDIR/DLLWeb.dll

    • Size

      28KB

    • MD5

      b382d6c8d5c6a437b2064d79b5dee47b

    • SHA1

      f8f4eae50d59b3b94762b10984c1fdcf4c08ff47

    • SHA256

      bdb051e1d7fd7b062341b8cb2efce180f2fbb83739fd2143262034be0f2396f3

    • SHA512

      e6d604d18b28beb30c09d987472540306abd925048f58a3c99a4013d44b9f29112419ca15c1bb7ee1560300bf179f9e98dd7e6db75e5aeb0e44fba47ac2dcc99

    • SSDEEP

      96:rP3KIyqFIAedN/0AatJ/l7R6TxNFOUodK8X9/r+uFBudGaxfP0:rP3K79N/HatJ/36T15jcAyYdbx3

    Score
    3/10
    • Target

      $PLUGINSDIR/ExLicensePage.dll

    • Size

      44KB

    • MD5

      715d6b699ed9f49e35f1f7e64ed8badb

    • SHA1

      1150fa82725645ed2401ee958faa649d2f56fb7c

    • SHA256

      89ad29c3f85bb27f0df42aa9b486e861c59cf193e8d946e12cabba98f4c6f024

    • SHA512

      2631abc2cb99aa021429139e4ea96ea2f3ca90997bc3908ab3a92b64ef7fcda8ef159e586b13d153eab0de68a75407385b83d8d05112fbde76e69ea684c76499

    • SSDEEP

      384:szm13Gp6FqMJJlzjRo6AmCzVf25w5w+wqBQIOYyOx:+kW6FBJJlXRyxYH7O

    Score
    3/10
    • Target

      $PLUGINSDIR/IEFunctions.dll

    • Size

      3KB

    • MD5

      9701818d39318145dd164794ef3a3846

    • SHA1

      7db701f8dc19163d46ba88e8b68d8dbf428a8152

    • SHA256

      3122b0413f74e88518cfd1b9c6e18435dd326ca177a2374b6405df78f43e776a

    • SHA512

      d92786630250e9eb6c47537b09684fa107f959b50d255c7f3952741eb438c3be47e171827d3a4407b049c33c12dad73f8ec381a7265b28a6d8ca101ff702e8a4

    Score
    3/10
    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      eef9e469e8a30717974499f277d97e2a

    • SHA1

      2d33c25984ebd9116beeb55cdde4c5c86c023e5d

    • SHA256

      1f35bb6728237483c779005fc227e69fef51b0bafd32d15855d483948a337078

    • SHA512

      d860132106a1c03dfa23f983b3c503f1216ac02f3d47833b96dfb333fb30bc8ab4d4fecd1f1f0a89f0c7f3586405461e2d53c26f282bb48970e549659b364b48

    • SSDEEP

      192:8np6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+MTjK72dwF7dBEnbok:8p6UdHXcIiY535zBtMTj+BEnbo

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c6f5b9596db45ce43f14b64e0fbcf552

    • SHA1

      665a2207a643726602dc3e845e39435868dddabc

    • SHA256

      4b6da3f2bdb6c452fb493b98f6b7aa1171787dbd3fa2df2b3b22ccaeac88ffa0

    • SHA512

      8faa0204f9ed2721acede285be843b5a2d7f9986841bcf3816ebc8900910afb590816c64aebd2dd845686daf825bbf9970cb4a08b20a785c7e54542eddc5b09a

    • SSDEEP

      192:qADKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQbVUSF:qAViJrtFRdbmXK8+WVUw

    Score
    3/10
    • Target

      $TEMP/nsisos.dll

    • Size

      5KB

    • MD5

      69806691d649ef1c8703fd9e29231d44

    • SHA1

      e2193fcf5b4863605eec2a5eb17bf84c7ac00166

    • SHA256

      ba79ab7f63f02ed5d5d46b82b11d97dac5b7ef7e9b9a4df926b43ceac18483b6

    • SHA512

      5e5e0319e701d15134a01cb6472c624e271e99891058aef4dfe779c29c73899771a5b6f8b1cd61b543a3b3defeaecaa080c9cc4e76e84038ca08e12084f128eb

    • SSDEEP

      48:6EyuygeHCfxwU5x+6kx/k1gONv27oBc2OkIrHHl:VeHCf2762kKsu7oGjkIrn

    Score
    3/10
    • Target

      PrivacyInfo.exe

    • Size

      4.8MB

    • MD5

      37363e6a53e4dc5034b6f9a7dbe32b04

    • SHA1

      e71358c2dd600b104a59cfd1bfafe9ed66278ef0

    • SHA256

      7cbdc5c8a4a0bd6525bc60b68fcedeaf0f02b05c3d0eda0de01f38e7cbcfaf82

    • SHA512

      51b64676fb30c5cd5e731f07998f23eaaeeed4b7c201aac3acd99e98403cd6d089242ac896056733e96c8b0a19f82b1d04dd707be8aad44210b7dfcbf63f88ce

    • SSDEEP

      24576:0BWEy209rB4ewcDBS591QI5eQ+FiVqqq:5203P1Ds591Q+Z+FiVqqq

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      PrivacyInfoMon.exe

    • Size

      817KB

    • MD5

      1a3f59008ae3eac0240e3a41bec14050

    • SHA1

      faac5758679f34a974117c9df6c9fddd7d57db12

    • SHA256

      f05f90268a5f51580e65338376751be7307620d02b344e6fb4590959bcc1be09

    • SHA512

      f4565d9a58ac56cd69ee13e1fd878c2859144c73732c2ee268c3638e8ed13178b866813bb0a0e919c1a200d48e5e0c8152546fa4b7fe99e3ce9bee1737dbb2ee

    • SSDEEP

      6144:LyswBicfFBF7W3i6nIJ3p8fWQUcUohOZrcLpKrJCFKIIiYXo:tYZFb3p8ZVOrc9KrUFKIf

    Score
    3/10
    • Target

      PrivacyInfoUpdate.exe

    • Size

      1.8MB

    • MD5

      b7c0c4c7d3087f91d84be0cc4664670f

    • SHA1

      e20930974c36325d984e2dfb69e8037812089677

    • SHA256

      743a7d2d916a7100f01fbaa98fa50de0256490c4a57b9e3cc6700dbdb6c9e02a

    • SHA512

      4e20bc6ed6f01fc31d669d6eee1e530102f97cbb0f4c05c49baa060d6e5f39cb9600c39e3dc6669bf6883065e18577561a9c5244d443dcb41de1fd25e3afc01b

    • SSDEEP

      49152:kPtUrmlvLBoKKGjiW0KAZ9fZkVGBVcoLuvIRBSQDrUOrBKv:kkmJVoK72W0KAbfZkUBqoLtRBPUOrB2

    Score
    3/10
