Overview
overview — score 8/10
Static
static — score 7/10
f0abd96a38...18.exe — windows7-x64 — score 8/10
f0abd96a38...18.exe — windows10-2004-x64 — score 8/10
$PLUGINSDI...er.dll — windows7-x64 — score 3/10
$PLUGINSDI...er.dll — windows10-2004-x64 — score 3/10
$PLUGINSDI...nu.dll — windows7-x64 — score 3/10
$PLUGINSDI...nu.dll — windows10-2004-x64 — score 3/10
$PLUGINSDI...em.dll — windows7-x64 — score 3/10
$PLUGINSDI...em.dll — windows10-2004-x64 — score 3/10
$PLUGINSDI...ll.dll — windows7-x64 — score 7/10
$PLUGINSDI...ll.dll — windows10-2004-x64 — score 7/10
$PLUGINSDI...gs.dll — windows7-x64 — score 3/10
$PLUGINSDI...gs.dll — windows10-2004-x64 — score 3/10
$TEMP/$_83...pp.dll — windows7-x64 — score 3/10
$TEMP/$_83...pp.dll — windows10-2004-x64 — score 3/10
FireFox/bootstrap.js — windows7-x64 — score 3/10
FireFox/bootstrap.js — windows10-2004-x64 — score 3/10
FireFox/co...p.html — windows7-x64 — score 3/10
FireFox/co...p.html — windows10-2004-x64 — score 3/10
FireFox/co...uid.js — windows7-x64 — score 3/10
FireFox/co...uid.js — windows10-2004-x64 — score 3/10
Modules/7z.dll — windows7-x64 — score 3/10
Modules/7z.dll — windows10-2004-x64 — score 3/10
Modules/ArSp.dll — windows7-x64 — score 3/10
Modules/ArSp.dll — windows10-2004-x64 — score 3/10
Modules/BdUdr.dll — windows7-x64 — score 3/10
Modules/BdUdr.dll — windows10-2004-x64 — score 3/10
Modules/BrSp.dll — windows7-x64 — score 3/10
Modules/BrSp.dll — windows10-2004-x64 — score 3/10
Modules/CdPrc.dll — windows7-x64 — score 3/10
Modules/CdPrc.dll — windows10-2004-x64 — score 3/10
Modules/Core.dll — windows7-x64 — score 3/10
Modules/Core.dll — windows10-2004-x64 — score 3/10
General
-
Target
f0abd96a38ed903947b42592d02e38c6_JaffaCakes118
-
Size
3.1MB
-
Sample
240921-1lmb4awanr
-
MD5
f0abd96a38ed903947b42592d02e38c6
-
SHA1
7415e5d1aa64b5b590bae6a9701717273180150e
-
SHA256
1174d2d36ab86bd52650fc086af7c2f226a55db34bd3d0fd966c0b6c070a4342
-
SHA512
626aeabd5e2c4f644cc487fd12a171138b8c7dc18b23642da4b03d2013654a0d3cdc8445708dad9738752dd404124337681081fcfff5a1c549a5686f21b21596
-
SSDEEP
49152:OnIh6OCiyGnhSyhxPw0Pelu8G5UozmzY7KqMFkQDnUt47tS83jVLxwY4sS:On9xJGhSyFPeoVOoHXu/nUt4EAZeYc
Behavioral task
behavioral1
Sample
f0abd96a38ed903947b42592d02e38c6_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f0abd96a38ed903947b42592d02e38c6_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/ShellExecAsUser.dll
Resource
win7-20240704-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/ShellExecAsUser.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/md5dll.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/md5dll.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240704-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240910-en
Behavioral task
behavioral13
Sample
$TEMP/$_83_/InstSupp.dll
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
$TEMP/$_83_/InstSupp.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
FireFox/bootstrap.js
Resource
win7-20240708-en
Behavioral task
behavioral16
Sample
FireFox/bootstrap.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
FireFox/content/html/popup.html
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
FireFox/content/html/popup.html
Resource
win10v2004-20240802-en
Behavioral task
behavioral19
Sample
FireFox/content/js/uid.js
Resource
win7-20240903-en
Behavioral task
behavioral20
Sample
FireFox/content/js/uid.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral21
Sample
Modules/7z.dll
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
Modules/7z.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral23
Sample
Modules/ArSp.dll
Resource
win7-20240729-en
Behavioral task
behavioral24
Sample
Modules/ArSp.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral25
Sample
Modules/BdUdr.dll
Resource
win7-20240708-en
Behavioral task
behavioral26
Sample
Modules/BdUdr.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral27
Sample
Modules/BrSp.dll
Resource
win7-20240903-en
Behavioral task
behavioral28
Sample
Modules/BrSp.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral29
Sample
Modules/CdPrc.dll
Resource
win7-20240903-en
Behavioral task
behavioral30
Sample
Modules/CdPrc.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral31
Sample
Modules/Core.dll
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
Modules/Core.dll
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
f0abd96a38ed903947b42592d02e38c6_JaffaCakes118
-
Size
3.1MB
-
MD5
f0abd96a38ed903947b42592d02e38c6
-
SHA1
7415e5d1aa64b5b590bae6a9701717273180150e
-
SHA256
1174d2d36ab86bd52650fc086af7c2f226a55db34bd3d0fd966c0b6c070a4342
-
SHA512
626aeabd5e2c4f644cc487fd12a171138b8c7dc18b23642da4b03d2013654a0d3cdc8445708dad9738752dd404124337681081fcfff5a1c549a5686f21b21596
-
SSDEEP
49152:OnIh6OCiyGnhSyhxPw0Pelu8G5UozmzY7KqMFkQDnUt47tS83jVLxwY4sS:On9xJGhSyFPeoVOoHXu/nUt4EAZeYc
-
Blocklisted process makes network request
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
-
-
Target
$PLUGINSDIR/ShellExecAsUser.dll
-
Size
83KB
-
MD5
0f2f0c6e86ed89e355be8b39e159fad0
-
SHA1
970a0f7df2a32325019a8c24de592beec490d63e
-
SHA256
e79fcb76e289709cf59c7d73a6d142193cdd3a94c1b5f318d320e52dcc76daf9
-
SHA512
ab5223e6aec8b94151e595d788c77686a31f00615b5e1de02b07aa7c5e439a90ed8333f4bbc0fe1c50baa6e3b36404f972249aafd148bbf3a60fe302cac761dc
-
SSDEEP
1536:T1kYvp+3iQfAsjms/38JWfLydNiZwEc0boX9TsWjcdNleSVgzlW:prRvQ4sKs/34s/icN3VghW
Score: 3/10
-
-
Target
$PLUGINSDIR/StartMenu.dll
-
Size
7KB
-
MD5
4206ac12a66dd61b2913f158488db070
-
SHA1
589a65a8f2b40d9e821e47bc66fd5bb3848d6f77
-
SHA256
4b722e1b2445fe8030194ba2ae1f573bc8e13dc3c028ce22312ea9848c584449
-
SHA512
a6a1bd423f222dd28277831eb01a14179ea67fb4d7c2b498cf0684185caf7d44a1378faf3a3933a6ce5bed5f5824d011b4a0f6558c3b5d8e84cb5a2bfe455a67
-
SSDEEP
96:o8dPIKJhMuhik+CfoEwknt6io8zv+qy5/utta/P3lkCTcaqHCI:1ZIKXgk+cx6QYFkAvlncviI
Score: 3/10
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
3e6bf00b3ac976122f982ae2aadb1c51
-
SHA1
caab188f7fdc84d3fdcb2922edeeb5ed576bd31d
-
SHA256
4ff9b2678d698677c5d9732678f9cf53f17290e09d053691aac4cc6e6f595cbe
-
SHA512
1286f05e6a7e6b691f6e479638e7179897598e171b52eb3a3dc0e830415251069d29416b6d1ffc6d7dce8da5625e1479be06db9b7179e7776659c5c1ad6aa706
-
SSDEEP
192:eP24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35OlbSl:T8QIl975eXqlWBrz7YLOlb
Score: 3/10
-
-
Target
$PLUGINSDIR/md5dll.dll
-
Size
6KB
-
MD5
7059f133ea2316b9e7e39094a52a8c34
-
SHA1
ee9f1487c8152d8c42fecf2efb8ed1db68395802
-
SHA256
32c3d36f38e7e8a8bafd4a53663203ef24a10431bda16af9e353c7d5d108610f
-
SHA512
9115986754a74d3084dd18018e757d3b281a2c2fde48c73b71dba882e13bd9b2ded0e6e7f45dc5b019e6d53d086090ccb06e18e6efeec091f655a128510cbe51
-
SSDEEP
96:5mArJv6F3TqDmgK4ghEin1US36eHQZDUDgGogZcko5Nt4AMP:5XJ63LhR6inZ6dsgZkKQT
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
-
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
9KB
-
MD5
dbdbf4017ff91c9de328697b5fd2e10a
-
SHA1
b597a5e9a8a0b252770933feed51169b5060a09f
-
SHA256
be60a00f32924ccbe03f9914e33b8e1ad8c8a1ca442263a69896efba74925b36
-
SHA512
3befc15aab0a5dbe7fde96155b0499d385f2799b1a2d47ce04f37b5804006b1c6c4fff93d3cedb56a2a8172b23752b6f9dc6168cfce3596b91def3247836cf10
-
SSDEEP
96:33YnIxFkDUGZpKSmktse3GpmD8pevbE9cxSgB5PKtAtYE9v5E9KntrmfVEB3YdkS:33YIvGZDdtP8pevbg0PuAYK56NyoIFI
Score: 3/10
-
-
Target
$TEMP/$_83_/InstSupp.dll
-
Size
542KB
-
MD5
d48d051c91c34ea903e7d5d830e4d24e
-
SHA1
987d80c643660efcf09198f158796196464acc94
-
SHA256
e81da2bc2b1eab8dbf092481765840f3d6bb4e2f6af07c147fd8d428b1c0d494
-
SHA512
33833da4592a108d7cd15c2f4e35ce19b2123b7aa6b6da076ecab3b68517f261b7864dfa4fc09744b14f25b8b8df18b891a2c4d9a817dba79856b67f1b8cb0ae
-
SSDEEP
12288:C6L9+Ws+j6aUIqvmYccCebBzwiNS3Ids06Y9ug15vR:CVtG6aAjnJpGIds06O15vR
Score: 3/10
-
-
Target
FireFox/bootstrap.js
-
Size
11KB
-
MD5
4ceb7dfccc418f4a220e41e0e3b5244a
-
SHA1
6e4e25767afb889f516ed42308f9ee1a38c67492
-
SHA256
e9c7c14543100f703f9ee59762ed5e0ce2958acf44c93e33c89539088fdb8228
-
SHA512
647b44e9805ab99d1bcd791c51301b69738d30c49233f4a75cbfa2d9463d0a308a3ed2b7294a53d3258081061f71f6ba7be8f47712d4e5e78d54a916897c28cd
-
SSDEEP
192:fy5ZY6esa/XFee6DKdawc38ZY9bk300jAVwaP:SXeR/fawc5ZiAVfP
Score: 3/10
-
-
Target
FireFox/content/html/popup.html
-
Size
734B
-
MD5
c929c4ef17977667affa3fbf2308d429
-
SHA1
8981c4dedbb7446e817e20f206b5c9e174cc0074
-
SHA256
4599c1cb8c97f841d48a003f47e6ab8b7b8f720448129183c4499812468377eb
-
SHA512
1831fb44ec6c9ff32fe21386023d4f0229d85844b09ed28975b65e5aba6eb81c6a0f783a7e023f966cc90082191ea4d5df5c3f803f2764181461433ce38935ad
Score: 3/10
-
-
Target
FireFox/content/js/uid.js
-
Size
41B
-
MD5
0460abfa86a3c928cfd26d3af6b17188
-
SHA1
551732701651d8ecd2847a9db6a557aef32b1539
-
SHA256
074dc1633ac3a5118053e509bd2d285635c9d946275431489bbfdcf26f26c8c3
-
SHA512
fbb386513ecdee0b096c5d75830a1cc25afe1c2b724f53bfb7f4d73312bc52f3dcbb953b47da05121ef21b76a734896063b8043ad3b63785a605cf7df2263258
Score: 3/10
-
-
Target
Modules/7z.dll
-
Size
893KB
-
MD5
04ad4b80880b32c94be8d0886482c774
-
SHA1
344faf61c3eb76f4a2fb6452e83ed16c9cce73e0
-
SHA256
a1e1d1f0fff4fcccfbdfa313f3bdfea4d3dfe2c2d9174a615bbc39a0a6929338
-
SHA512
3e3aaf01b769471b18126e443a721c9e9a0269e9f5e48d0a10251bc1ee309855bd71ede266caa6828b007359b21ba562c2a5a3469078760f564fb7bd43acabfb
-
SSDEEP
24576:TW+wsDaQw6DDz3qRyPnmGfrnvVUKueY8RmneWtJ:TasY6DwOBfrnvV7UeWt
Score: 3/10
-
-
Target
Modules/ArSp.dll
-
Size
38KB
-
MD5
c9ae751c5c26850912e2c77d8abc28d9
-
SHA1
146461c5a9e5379e770c9edeb9ddf56770785ccf
-
SHA256
adf886a38e49935cb8260a8bea557f2add00f4277a76351e426ad07feb169aa2
-
SHA512
72bb9532624667e2f75204e8bc6a44a5651b247e1f6317a1a1a94276ac598188312cbcda8cc386e795ddc0fb30d08c7530cd47dc4a6df63290acc46623b43120
-
SSDEEP
768:e/PidxjnQyslT/NwnRdYzNjMLwVTScciLl:qPidtnPgrNwozNoMVTS3iLl
Score: 3/10
-
-
Target
Modules/BdUdr.dll
-
Size
57KB
-
MD5
d190f11b66a2a12c29546f2fb824efdc
-
SHA1
b140988558c37df3b0503baa2a67900e22aec89d
-
SHA256
61ee08658a38baf56d5a46743e4fb5696b34f3b00e50ce4dacd31f5e4e2e7408
-
SHA512
32e232c91ab1e0663dc34772c5b50a0cbafffd11f4025617f79a603111248039ecd337d67efa1864fae8b09bbd480d4a7ee446e77e8f6754baa764d2dcfa2717
-
SSDEEP
1536:Iizk89A8AXKsjKrPjkj6fXIBMI283/pnQ+P7TS3iGj:3zk8W1okj6fXIeI283/pnBSN
Score: 3/10
-
-
Target
Modules/BrSp.dll
-
Size
115KB
-
MD5
8cb9e7b533aaf0358fefc0af89c083e4
-
SHA1
4e6e88694f8de30f55dc3ff2964c36de8409ee48
-
SHA256
a3221b7ae9adb50fc9488329bae76631e8ef191ea5dadda227ad904cc8c23491
-
SHA512
8d6bf2dfd22f03b360c9027349d6f2a89e2e21318693e9d514699f617db64be56327f546562951c37911b5802c26fc7e88ae8b21a3e9b1516c0b73b641470704
-
SSDEEP
3072:r/zpmVI4b7qjQv1blKL/8GicUYnnDo9Hcd2/ovD:XpmVzXqjCblClns98d2/o7
Score: 3/10
-
-
Target
Modules/CdPrc.dll
-
Size
90KB
-
MD5
ed6a77a75c81e03e58ed476b2e6a7147
-
SHA1
88cd0dc4157779d5873c6a3963b462385db2e47c
-
SHA256
c19cb3bd01dffd50c293db26e4a4acd08b91921ca28dc17f221d9dda45d87754
-
SHA512
ca277bc6666b92b3a13818237c78b51019eb2fef31e0b319bf0905d8f4914d2431496ccd5f84d5a4e38bc4be39de7a20dbf9632e399101e90d2bcbe3b6496f31
-
SSDEEP
1536:uX7wnCjGy1zLNbTVyxFQQgwyJ3lKDmPOXQtsWhDgI5wWdKBsD/c3bUHTS3ix:ur5GydTV0QQglJ3kAtsWhDgVWdKiD/ck
Score: 3/10
-
-
Target
Modules/Core.dll
-
Size
106KB
-
MD5
88bacab5cd724773b792f16930e43070
-
SHA1
d028037bac8739306ca0aa085791c5093d51dd54
-
SHA256
753389ce132d0b6f44b5d66a89d573be1e709dae335e1a4455e85dec0a8db0a0
-
SHA512
89a3dad69e1281212a93074ca6f34fa68ccf5bb113b8bef3075e6f5dd2883813515e61afe683b61007462c0857e8672682a4b3695dadeaa78a8b181f95623a12
-
SSDEEP
3072:xZYCVPJG1mLWSYVgFWTNlCNwu7a8I/+/VZM4vX0JA:xZYCftSSYSFu0wu7a8I/+/VZM4vXB
Score: 3/10