Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

eac568e978...18.exe

windows7-x64

7

eac568e978...18.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

7

$PLUGINSDI...ll.dll

windows10-2004-x64

7

$_1_/Modules/clc.dll

windows7-x64

3

$_1_/Modules/clc.dll

windows10-2004-x64

3

$_1_/Modules/crm.dll

windows7-x64

3

$_1_/Modules/crm.dll

windows10-2004-x64

3

$_1_/Modules/wis.dll

windows7-x64

3

$_1_/Modules/wis.dll

windows10-2004-x64

3

$_1_/RtHelp.exe

windows7-x64

3

$_1_/RtHelp.exe

windows10-2004-x64

3

$_1_/msvcp110.dll

windows7-x64

3

$_1_/msvcp110.dll

windows10-2004-x64

3

$_1_/msvcr110.dll

windows7-x64

3

$_1_/msvcr110.dll

windows10-2004-x64

3

Modules/7z.dll

windows7-x64

3

Modules/7z.dll

windows10-2004-x64

3

Modules/cdp.dll

windows7-x64

3

Modules/cdp.dll

windows10-2004-x64

3

Modules/clc.dll

windows7-x64

3

Modules/clc.dll

windows10-2004-x64

3

Modules/crm.dll

windows7-x64

3

Modules/crm.dll

windows10-2004-x64

3

Modules/cus.dll

windows7-x64

3

Modules/cus.dll

windows10-2004-x64

3

Modules/nls.dll

windows7-x64

3

Modules/nls.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    eac568e978b23687bab043afa1cb21f7_JaffaCakes118

  • Size

    1.8MB

  • Sample

    240919-hczxqavgjg

  • MD5

    eac568e978b23687bab043afa1cb21f7

  • SHA1

    692c5378779b506d2413d0d656828c0ccbf6f5d8

  • SHA256

    237249055c3f8e6ddbc914e2a6e20585900258c43e0c803a39a27cb9dff18740

  • SHA512

    35054e5dbcf68273136b9cc66d44aedf4ad7b74494b95310f28af5a1cdb7ec929c8bffe1aaa975fbceaa5999a1a00b6d826fd94c76b635e2d7e081540c3b154b

  • SSDEEP

    49152:NrMMBViJLZH7wRkQb8CuMeRrc0QWfHnMfusw:NrMMBQZbu4CutRrTx6usw

Score
7/10
discoveryupx

Malware Config

Targets

    • Target

      eac568e978b23687bab043afa1cb21f7_JaffaCakes118

    • Size

      1.8MB

    • MD5

      eac568e978b23687bab043afa1cb21f7

    • SHA1

      692c5378779b506d2413d0d656828c0ccbf6f5d8

    • SHA256

      237249055c3f8e6ddbc914e2a6e20585900258c43e0c803a39a27cb9dff18740

    • SHA512

      35054e5dbcf68273136b9cc66d44aedf4ad7b74494b95310f28af5a1cdb7ec929c8bffe1aaa975fbceaa5999a1a00b6d826fd94c76b635e2d7e081540c3b154b

    • SSDEEP

      49152:NrMMBViJLZH7wRkQb8CuMeRrc0QWfHnMfusw:NrMMBQZbu4CutRrTx6usw

    Score
    7/10
    discoveryupx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      3e6bf00b3ac976122f982ae2aadb1c51

    • SHA1

      caab188f7fdc84d3fdcb2922edeeb5ed576bd31d

    • SHA256

      4ff9b2678d698677c5d9732678f9cf53f17290e09d053691aac4cc6e6f595cbe

    • SHA512

      1286f05e6a7e6b691f6e479638e7179897598e171b52eb3a3dc0e830415251069d29416b6d1ffc6d7dce8da5625e1479be06db9b7179e7776659c5c1ad6aa706

    • SSDEEP

      192:eP24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35OlbSl:T8QIl975eXqlWBrz7YLOlb

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/UpdHelper.dll

    • Size

      130KB

    • MD5

      bb40f596eab5c6598d320677b1731d62

    • SHA1

      2c3f547355e07ba6585d955237a35e1125173028

    • SHA256

      8b972cd7532648027a533330481a6fed08f70718b31396ddf6579519e862b169

    • SHA512

      a2b6757d82bc9ad02516ab83b31c81c310cefc04ffe8ba1937febe44da2e9786a093fba21f6ed412403acde404a6684f7c2ad7f7696c03379fde9d3aee19b436

    • SSDEEP

      1536:Xxl/6f/Vjj2C6+omP/I2IYhRN/YD70Z7+OpzW4kDcXMkoXsWjcd0w+bTTshSQlm/:BB2UOq+1W4rMkoY0w+bTTshSom

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/md5dll.dll

    • Size

      6KB

    • MD5

      7059f133ea2316b9e7e39094a52a8c34

    • SHA1

      ee9f1487c8152d8c42fecf2efb8ed1db68395802

    • SHA256

      32c3d36f38e7e8a8bafd4a53663203ef24a10431bda16af9e353c7d5d108610f

    • SHA512

      9115986754a74d3084dd18018e757d3b281a2c2fde48c73b71dba882e13bd9b2ded0e6e7f45dc5b019e6d53d086090ccb06e18e6efeec091f655a128510cbe51

    • SSDEEP

      96:5mArJv6F3TqDmgK4ghEin1US36eHQZDUDgGogZcko5Nt4AMP:5XJ63LhR6inZ6dsgZkKQT

    Score
    7/10
    discoveryupx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral7behavioral8

    • Target

      $_1_/Modules/clc.dll

    • Size

      111KB

    • MD5

      f4a2c922eefc586873bb81adfc7fd9e4

    • SHA1

      c5c80849b3588d31384ebf73e4f3224c26fb8322

    • SHA256

      c1994c5930bc08773f07044efae77bf326df8365e4bbd4ee28c863293defaed8

    • SHA512

      0797422c1f501d218c6789b0e39a0ff36a8a06f7e15aa5377dabb1f4040aef4c4322936fa30a1310149ec00bcfdfadd7b05d779e6e758b8d799c895a94221990

    • SSDEEP

      3072:cvRT3QJ1zdoX4qPgLbLm2kYQuF09ZFGWlw8jlZQJUoLYKt:W3QJ1Za4qPgLbLnkA+9jRjlZQJJ

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      $_1_/Modules/crm.dll

    • Size

      104KB

    • MD5

      476b262ca9b363a984a0ca2996fb1206

    • SHA1

      031fb7afc93413a65e14174afaff40d8e8eaf394

    • SHA256

      08cac661c1682437de92c2a9ba7e0d8023e9ae11048f5031a78add1af58f7ae7

    • SHA512

      5ab0b5dd6e454959a9f0e661f9847f5b22174c12b2af74b7d27761573e701a2556bb51ddacd0215f13aedcc9370d76130972139052837fb1dcc52ae60db13793

    • SSDEEP

      1536:w/eBIUryPkf1bPa0rCoBU/0nUaNyUqNKTZWiaj+pLb/sQrWeLi4zofKpcWL2Vrip:wIIUWroBU/0naUixj+Zb/sQr7xo4dKC

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      $_1_/Modules/wis.dll

    • Size

      42KB

    • MD5

      619bc3efef474976a3fcf4ff4d7797b9

    • SHA1

      1f4ea3bab584224c6d06976866c7c0bd59bee9b6

    • SHA256

      31afdd230b92768c8088a2863c27820edefe638381140cb07a08eb0127bb87a6

    • SHA512

      284d66cd33bc83880f44c7fb0be14ff03a9b267994523c34765d820e8a8c0572c8f63b7b511d4325fe6e48ba731946ccee26f0a8cacd9bca450e630df575b116

    • SSDEEP

      768:MkPmePU4gW1YH7FzxIT7JOB3+NI2giTcsuCGkjam54RZcCTRU1/HAWL2Vrik:MkPmePU4pKbBKT7JOIu9lUOsWZHTK/gZ

    Score
    3/10
    discovery
    behavioral13behavioral14

    • Target

      $_1_/RtHelp.exe

    • Size

      334KB

    • MD5

      b3703cc63a1e3f5f903eb9a848d9a444

    • SHA1

      d21c8e3621c196d622cf6d9daaac21f51455e68f

    • SHA256

      4c32ca7a07afdb07f178d67c4be35a782ff3fb68675387e66b2ab5636ca9e3d8

    • SHA512

      316c32c7c34bfa23d19696c8d7b051332edd359785517511cfed52880a574df968041976f6b6b465f1289ccb5e1e8067a4f5e4e5cbdaad51058b25f307ee2b0a

    • SSDEEP

      6144:jawJ67wblyFxImB8K7BvFRVidQhq/Jx8J:W37wQFWmzaQhGf8J

    Score
    3/10
    discovery
    behavioral15behavioral16

    • Target

      $_1_/msvcp110.dll

    • Size

      522KB

    • MD5

      3e29914113ec4b968ba5eb1f6d194a0a

    • SHA1

      557b67e372e85eb39989cb53cffd3ef1adabb9fe

    • SHA256

      c8d5572ca8d7624871188f0acabc3ae60d4c5a4f6782d952b9038de3bc28b39a

    • SHA512

      75078c9eaa5a7ae39408e5db1ce7dbce5a3180d1c644bcb5e481b0810b07cb7d001d68d1b4f462cd5355e98951716f041ef570fcc866d289a68ea19b3f500c43

    • SSDEEP

      12288:FqULIc5nb9rywgfyhUgiW6QR7t5sA3Ooc8sHkC2eRxUH:PLHnhryLfBA3Ooc8sHkC2eRxUH

    Score
    3/10
    discovery
    behavioral17behavioral18

    • Target

      $_1_/msvcr110.dll

    • Size

      854KB

    • MD5

      4ba25d2cbe1587a841dcfb8c8c4a6ea6

    • SHA1

      52693d4b5e0b55a929099b680348c3932f2c3c62

    • SHA256

      b30160e759115e24425b9bcdf606ef6ebce4657487525ede7f1ac40b90ff7e49

    • SHA512

      82e86ec67a5c6cddf2230872f66560f4b0c3e4c1bb672507bbb8446a8d6f62512cbd0475fe23b619db3a67bb870f4f742761cf1f87d50db7f14076f54006f6c6

    • SSDEEP

      12288:TmCyHcMpK7QdgD+9Tr8r3FmJciMgLFWkA8qTWu+FVlofpJCjNdr12iqwZeq:TmCyHNIQdTryVmCipIkqTWu+Fr

    Score
    3/10
    discovery
    behavioral19behavioral20

    • Target

      Modules/7z.dll

    • Size

      893KB

    • MD5

      04ad4b80880b32c94be8d0886482c774

    • SHA1

      344faf61c3eb76f4a2fb6452e83ed16c9cce73e0

    • SHA256

      a1e1d1f0fff4fcccfbdfa313f3bdfea4d3dfe2c2d9174a615bbc39a0a6929338

    • SHA512

      3e3aaf01b769471b18126e443a721c9e9a0269e9f5e48d0a10251bc1ee309855bd71ede266caa6828b007359b21ba562c2a5a3469078760f564fb7bd43acabfb

    • SSDEEP

      24576:TW+wsDaQw6DDz3qRyPnmGfrnvVUKueY8RmneWtJ:TasY6DwOBfrnvV7UeWt

    Score
    3/10
    discovery
    behavioral21behavioral22

    • Target

      Modules/cdp.dll

    • Size

      91KB

    • MD5

      04dc793e466762a0489e271b6a49a4c2

    • SHA1

      1f3e2ec1d4a61ad59b080a8a3ef866b87703fe5f

    • SHA256

      1029aff8344c9504b9625fa8c0c6d2852c873dcde98aff7738d2dcd4ec3f54b9

    • SHA512

      c4d5fc2fec2174c99cf0de912d12716a16686bed4ed3e7bdb01f26c5a6072e9ba9298f4634229daf0c8af99a875d24c5ee45a085f2f5ed24112d0ac7ed0652c9

    • SSDEEP

      1536:AM2it9IgWVjtPojH1MtpM7fiOTseMZZcZqyPe4VN6jYWL2Vriz:AM/DWVK1MtpFeMZZeq+e4VN6dKY

    Score
    3/10
    discovery
    behavioral23behavioral24

    • Target

      Modules/clc.dll

    • Size

      111KB

    • MD5

      f4a2c922eefc586873bb81adfc7fd9e4

    • SHA1

      c5c80849b3588d31384ebf73e4f3224c26fb8322

    • SHA256

      c1994c5930bc08773f07044efae77bf326df8365e4bbd4ee28c863293defaed8

    • SHA512

      0797422c1f501d218c6789b0e39a0ff36a8a06f7e15aa5377dabb1f4040aef4c4322936fa30a1310149ec00bcfdfadd7b05d779e6e758b8d799c895a94221990

    • SSDEEP

      3072:cvRT3QJ1zdoX4qPgLbLm2kYQuF09ZFGWlw8jlZQJUoLYKt:W3QJ1Za4qPgLbLnkA+9jRjlZQJJ

    Score
    3/10
    discovery
    behavioral25behavioral26

    • Target

      Modules/crm.dll

    • Size

      104KB

    • MD5

      476b262ca9b363a984a0ca2996fb1206

    • SHA1

      031fb7afc93413a65e14174afaff40d8e8eaf394

    • SHA256

      08cac661c1682437de92c2a9ba7e0d8023e9ae11048f5031a78add1af58f7ae7

    • SHA512

      5ab0b5dd6e454959a9f0e661f9847f5b22174c12b2af74b7d27761573e701a2556bb51ddacd0215f13aedcc9370d76130972139052837fb1dcc52ae60db13793

    • SSDEEP

      1536:w/eBIUryPkf1bPa0rCoBU/0nUaNyUqNKTZWiaj+pLb/sQrWeLi4zofKpcWL2Vrip:wIIUWroBU/0naUixj+Zb/sQr7xo4dKC

    Score
    3/10
    discovery
    behavioral27behavioral28

    • Target

      Modules/cus.dll

    • Size

      102KB

    • MD5

      00891189e59f6a7e46eecac16b74b1ad

    • SHA1

      76830ff005fab980a29fec04dc3a68a1431c222e

    • SHA256

      8787d85f4c61c0f02c0249c0cf978e666440b7a7c32057c97d2e49920170423e

    • SHA512

      12be1705f10cf591fcbd2fe82baf895edc29b6eb1256be6ab46aa977d1f4d8b00a48e4a99f1f1aabbcd716dc2077f984f1a344288d8fcf0e4fa90463df8bc22a

    • SSDEEP

      1536:e7PSVQhAoTtwAjjk2Ve9z7BvFjuJfCv6+LSEYxQcetvch89lVsGU793jHOCshOSD:eD+807BvFjuJWVlY96CshOYbZRK6

    Score
    3/10
    discovery
    behavioral29behavioral30

    • Target

      Modules/nls.dll

    • Size

      150KB

    • MD5

      9313c69d0faac7ae780aaf14745ae67b

    • SHA1

      6e3c5e16420a4338658bf35216082d7245cfe249

    • SHA256

      00433a00a278381a29e8a172df422b088415ea8c34cbc617d5cf9666f5e96bb1

    • SHA512

      4622f472ba257cf84a2e31847723c2125a2e2083f1c4ed7ed584350e8e4bd075bbae35a04c19c668283cf6cec5390ff952b86919988e577eea48c5d1fcbfbe8a

    • SSDEEP

      3072:o/w1bxOjPhv3+aQb4aXY61q+0fztlZQTOoHwwzKZ:v1bYjZ2aQbzFzItlZQBHs

    Score
    3/10
    discovery
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

upx
Score
7/10

behavioral1

discoveryupx
Score
7/10

behavioral2

discoveryupx
Score
7/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discoveryupx
Score
7/10

behavioral8

discoveryupx
Score
7/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

discovery
Score
3/10

behavioral14

discovery
Score
3/10

behavioral15

discovery
Score
3/10

behavioral16

discovery
Score
3/10

behavioral17

discovery
Score
3/10

behavioral18

discovery
Score
3/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10

behavioral23

discovery
Score
3/10

behavioral24

discovery
Score
3/10

behavioral25

discovery
Score
3/10

behavioral26

discovery
Score
3/10

behavioral27

discovery
Score
3/10

behavioral28

discovery
Score
3/10

behavioral29

discovery
Score
3/10

behavioral30

discovery
Score
3/10

behavioral31

discovery
Score
3/10

behavioral32

discovery
Score
3/10