General

  • Target: eeb2bfc11c419220a268192f6f67b523_JaffaCakes118
  • Size: 197KB
  • Sample: 240921-adfw8svhrf
  • MD5: eeb2bfc11c419220a268192f6f67b523
  • SHA1: 17dcea796fbf9825276818059234222f11eb2a43
  • SHA256: 31509c0972070a9c986413b2317cc4ceb01663fe01b1dfd264d04e395c68989b
  • SHA512: d669129aba40a76dbbcf22ad44dbe7ee0eb60a2219966f7468b36aef1fb2a386f3bb201d4a0e1622ed3ef91f36c049d48fd6d9e1dffe048334df0717902697bf
  • SSDEEP: 6144:dH1cG75+ZPPfnE2Qyn20UGTyniR1E2OGPT75j:p1cGF+ZPPfnEUnjTKiUhGrFj

Targets

    • Target: eeb2bfc11c419220a268192f6f67b523_JaffaCakes118 (197KB; hashes as listed under General)
    Score: 7/10
    • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.

    • Target: $PLUGINSDIR/IpConfig.dll
    • Size: 114KB
    • MD5: a3ed6f7ea493b9644125d494fbf9a1e6
    • SHA1: ebeee67fb0b5b3302c69f47c5e7fca62e1a809d8
    • SHA256: ec0f85f8a9d6b77081ba0103f967ef6705b547bf27bcd866d77ac909d21a1e08
    • SHA512: 7099e1bc78ba5727661aa49f75523126563a5ebccdff10cabf868ce5335821118384825f037fbf1408c416c0212aa702a5974bc54d1b63c9d0bcade140f9aae1
    • SSDEEP: 1536:CPDzpyvLtmY7SeAmhPzV8+i7kRuACUxHf91MionF9JTwrLPG5zfO+lP7:UZl1e7L4ARzC3dwrLPG5zG+lP7
    Score: 3/10

    • Target: $PLUGINSDIR/NSISdl.dll
    • Size: 14KB
    • MD5: a5f8399a743ab7f9c88c645c35b1ebb5
    • SHA1: 168f3c158913b0367bf79fa413357fbe97018191
    • SHA256: dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
    • SHA512: 824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
    • SSDEEP: 192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
    Score: 3/10

    • Target: $PLUGINSDIR/SelfDel.dll
    • Size: 4KB
    • MD5: 7cff7fe2caea5184d98c147e7e263132
    • SHA1: 21f39d3d0dd5f7198d67ef30e95d10ae3460093e
    • SHA256: 281c39b733579e031c62bdd247b41543ece1fe3bd6eda26fc8ad474b10f33101
    • SHA512: fb1161b8571d1d0c67e2df0d571b08f5e7a73f81409aed847344154d02406910629181bcce4e18e998ec472f51a6a1b40d956a010abdd10e850413aafa87808a
    • SSDEEP: 48:CzHDh3jgWMynQfXKsJ3eAn67wN4VDm0pmoZSeJY8JTaCILFoyTFS7lWsaEaSueq:S18WMynkXKOOATEVUPnS7s9TShqTM
    Score: 7/10
    • ACProtect 1.3x - 1.4x DLL software: Detects file using ACProtect software.
    • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.

    • Target: $PLUGINSDIR/UAC.dll
    • Size: 13KB
    • MD5: 29858669d7da388d1e62b4fd5337af12
    • SHA1: 756b94898429a9025a04ae227f060952f1149a5f
    • SHA256: c24c005daa7f5578c4372b38d1be6be5e27ef3ba2cdb9b67fee15cac406eba62
    • SHA512: 6f4d538f2fe0681f357bab73f633943c539ddc1451efa1d1bb76d70bb47aa68a05849e36ae405cc4664598a8194227fa7053de6dbce7d6c52a20301293b3c85f
    • SSDEEP: 384:RlNMjIH4DnFnyJ0Dt5ZtmVWsSLr4z9VwzU:RlqMYzFnD/tmQFLrSw
    Score: 3/10

    • Target: $PLUGINSDIR/fct.dll
    • Size: 4KB
    • MD5: e3f3809f51c7982d96aaf9c090f7d176
    • SHA1: 7494daa8000c0b31c58d94edc509232569a4606f
    • SHA256: 010f5e0c69b4a630b08b2551e03d8044a33350f151848dcf50953407012fab29
    • SHA512: 3fca284e384abc95201dc73f19bd9d75413e8890e819967070b9d9991115be2a8c17e07bd1aaaffcbc770b393bf9a2af253100ac4d9efba8d21110bac97737fc
    • SSDEEP: 48:qlQOVagyAU3gJS+Tgc43uiu7Dh/gdp/gRfykVwv+:qa33gJS+ccQuiuJE/kyku
    Score: 3/10

    • Target: $PLUGINSDIR/nsProcess.dll
    • Size: 4KB
    • MD5: 05450face243b3a7472407b999b03a72
    • SHA1: ffd88af2e338ae606c444390f7eaaf5f4aef2cd9
    • SHA256: 95fe9d92512ff2318cc2520311ef9145b2cee01209ab0e1b6e45c7ce1d4d0e89
    • SHA512: f4cbe30166aff20a226a7150d93a876873ba699d80d7e9f46f32a9b4753fa7966c3113a3124340b39ca67a13205463a413e740e541e742903e3f89af5a53ad3b
    Score: 3/10

    • Target: EasyOn.dll
    • Size: 126KB
    • MD5: b8d58e3a0587f0015e5ef6e611444f30
    • SHA1: 181d12bc03b329f4ddd4f85f792b2f0a7b9d147a
    • SHA256: 41321b02a4922ab9911e340c190eead9e17d5f56590921953b0658958e1bfba8
    • SHA512: b2e1c3f4ec7e1f468fd8e4d190a17268f2008dfc8e8a68e45b6a109cb98322c5363d49d5aaf8e76cf38c7fc1e813179f776dd90ad6ae55b6b46ddbafe1b56434
    • SSDEEP: 3072:txSwDINkVwQag7NVj1agWgIknPGcnifj56:t4JwzRZPGl
    • Installs/modifies Browser Helper Object: BHOs are DLL modules which act as plugins for Internet Explorer.

    • Target: EasyOn.exe
    • Size: 38KB
    • MD5: e95bc409a64ea9a611bf6df227eb7e3c
    • SHA1: 9388530cf6d248c1c73cee05a2d66c77a1cbcac4
    • SHA256: 9bf1cea5efcecb3dd7f28c3d6359037807b3379aeb82f154c27e1f84c3286f3a
    • SHA512: a5220d93b3c94d158e33b8d01fa2dc18dbf029ebd70871351b3b1c0fa6225d42e419122ecc0d0a12abecd3d42a90ab87793f239c21c63afcf05d6b2e10bc550e
    • SSDEEP: 384:Evb1cDbSw+uaAMTyX8DfW18WPNc33fxYJLuPkCQuhD:ET1Y2w+lfTuGoHP23P8LuDZ
    • Adds Run key to start application
    • Installs/modifies Browser Helper Object: BHOs are DLL modules which act as plugins for Internet Explorer.
