General

  • Target

    dfde735280cb0ead0d7e8ed2f2205ad0_JaffaCakes118

  • Size

    869KB

  • Sample

    240914-kysfwawcll

  • MD5

    dfde735280cb0ead0d7e8ed2f2205ad0

  • SHA1

    5a9ccecb1f62f6eda8e72579a38e40094798aff1

  • SHA256

    2fb9bed80be72f414aa9c13a8fec91ee0be2a73c660871c57621ed727eb0dcad

  • SHA512

    6962e7a8c4e4aa96dc21d28a1a87b72add0775050d6306531d2bc310a009d5bd9070da9b4498d6bc4a740ddc4eccd52820474ba9cb8608b0c2c2f2a837406853

  • SSDEEP

    24576:buneX0UoMvrA1BkMUiXfu0I+Z7xa4BCUJjPheNI4+Vi+C4:xkUfr3Mbta4sUJZJ19C4

Targets

    • Target

      dfde735280cb0ead0d7e8ed2f2205ad0_JaffaCakes118

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      00a0194c20ee912257df53bfe258ee4a

    • SHA1

      d7b4e319bc5119024690dc8230b9cc919b1b86b2

    • SHA256

      dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3

    • SHA512

      3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    • Target

      $PLUGINSDIR/bomgar-scc.exe

    • Size

      763KB

    • MD5

      043cac1683f5cab7d079925a4b8a0fed

    • SHA1

      509ee93fcee9b59e6d383f30e55e52f88747e9b8

    • SHA256

      25eae86c681f75d42985aa9d9ebc097167354bfb81419abc686c24492eadf211

    • SHA512

      f1d4fb37f9866f6ca21622e6a0bf1c9993595bcc9480b91f80714d88fdc715ceb214403b53e427b237a61ca07891e8a7cf468b27551b68eb3583a20447d953d2

    • SSDEEP

      12288:V7a27+406MfKJ+VyiDcbPS92LDhMpwphkfPGoCBLrlTbyP/hca9H0eA5VkWbIOj:37+4w/IgcbPDDphkuBLcHhF9H0RkWbIi

    Score
    3/10
    • Target

      $PLUGINSDIR/nstvhook.dll

    • Size

      7KB

    • MD5

      18ebdc8b76af2fbd2cccd69b37efd2d8

    • SHA1

      f70f2af2392e45594995a1c8b8865080b3513ac8

    • SHA256

      c9a72bee4f15a282c72620cd21356c59a5768c59cbcb28dfa95fcfe464748456

    • SHA512

      83eb58566dd81240bd5f7af445c8caf9a92943d129ce12587858f2316cc822635612af9ade0fdbf0d426b9cf81f5d6b8bc3decb80fb7c425c3c2117259f435ff

    • SSDEEP

      48:a7VPy88gMMb/rg1fzC9boheUCSNg7OzoKqcBoqSQ/qFzL5H5kjX7UIltnNCu/Yyl:elfEJzpkVmVzoK1Boq1qldu37/Yy

    Score
    3/10
    • Target

      $PLUGINSDIR/uninstall.bat

    • Size

      34B

    • MD5

      0a66071b4436ed915697bfd252d02cf7

    • SHA1

      f864686282191d807d993a52dab62e019699161f

    • SHA256

      4de0cef8290d5f6186070e1430c5ace5766c0d2833aaf34fc71f086d5dd6a1ed

    • SHA512

      1a9e6732119d4d65e81a9537a96a06f2f099ec62f2485657e652f4b38067ac4b566553c638512ca4d4a369404caa7f18f26fb6d5f182663c785669995dd9ed78
