Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

ef0cf69887...18.exe

windows7-x64

7

ef0cf69887...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

WinKawaks.exe

windows7-x64

7

WinKawaks.exe

windows10-2004-x64

7

WinKawakss.exe

windows7-x64

3

WinKawakss.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ef0cf6988749211bca2afd29536f7a97_JaffaCakes118

  • Size

    2.5MB

  • Sample

    240921-ev4rvavclr

  • MD5

    ef0cf6988749211bca2afd29536f7a97

  • SHA1

    70325035b5c03b23ec7f292470c3d427e7bdcdba

  • SHA256

    9d2290f444d64d64225c51448a4d24438b7b22c2e0b2f9d2301015ba074be393

  • SHA512

    5dc5317638b4ffc6b9dff90eed3defe7328043fece44a9fde2b4cdbbd38ad6371ba3705e7231403211755ac7256cde57ec5b3d9c3d5cfaef3032cbee2ffc2f62

  • SSDEEP

    49152:TLFGzCcot3LT6HyBIeNkcVEwhxJOorSkL0cmAvj988NvRElQb8eo8/1mJ:TLFeot3HIeNkcFK/kLpvGWvGSb8vJ

Score
7/10
discoveryupx

Malware Config

Targets

    • Target

      ef0cf6988749211bca2afd29536f7a97_JaffaCakes118

    • Size

      2.5MB

    • MD5

      ef0cf6988749211bca2afd29536f7a97

    • SHA1

      70325035b5c03b23ec7f292470c3d427e7bdcdba

    • SHA256

      9d2290f444d64d64225c51448a4d24438b7b22c2e0b2f9d2301015ba074be393

    • SHA512

      5dc5317638b4ffc6b9dff90eed3defe7328043fece44a9fde2b4cdbbd38ad6371ba3705e7231403211755ac7256cde57ec5b3d9c3d5cfaef3032cbee2ffc2f62

    • SSDEEP

      49152:TLFGzCcot3LT6HyBIeNkcVEwhxJOorSkL0cmAvj988NvRElQb8eo8/1mJ:TLFeot3HIeNkcFK/kLpvGWvGSb8vJ

    Score
    7/10
    discovery

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      b18dfaded8f6d2380fdfd8f6b6969211

    • SHA1

      969fa0e906240ab1123254feeb833c275626cf76

    • SHA256

      747d0222b652dbfc85e0de4f8486473662d325a55e32c7eacb91e53e37ceba58

    • SHA512

      25fb09b8657997d31e61c908f1cd08357c1a1b68bbb1ba377e87b6a3eb347a2ef96c1a771b6c4332853abb33728c55c83efa73df5da03f3dfc132f8a69a2886c

    • SSDEEP

      192:66JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTLK72dwF7dBdcQOz:66JaVh4I5rpPbTL+BdhO

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      WinKawaks

    • Size

      350KB

    • MD5

      0b459a1462f02809e33d5d9345b956da

    • SHA1

      98d5b12a0f2badd73dbfc57d8eca789712d5ba16

    • SHA256

      5a88b8d682d63e3319d113a8a573580b8881e4b7b41e913e8af8358ac4927fb1

    • SHA512

      93a5864f8795078ffae7152d880b70219383b5c210ec18c06d1e884e8eb565ee50380937d5b841a5449fc0f99ac7b6aa68cc6b5879f07293eae114690a93eade

    • SSDEEP

      6144:VkUW4PFUxkfsWYUc3wWtY4I4vTIZ6z37YyQYxuY+1bDGL6Sp:yyK+Ro3wWtXI4vTjMyQ3Y+Q6g

    Score
    7/10
    discoveryupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral5behavioral6

    • Target

      WinKawakss.exe

    • Size

      2.4MB

    • MD5

      fde6b77a11eb4a48ddb9f1b06518c8e8

    • SHA1

      5a75fdf0a2dd583b9894afef451eac04e41c92d9

    • SHA256

      59943a945355107e9e279787028da715c2859c224bc870e2c9c63fa278b39939

    • SHA512

      5f8d2bf35c438aa9dd5f52be0687a78e003807ec8b251f3968230d4282bef0bca169d6d2bee6a452166a11b05c12a1f41d8326eed575dee0fd874465c3364e4a

    • SSDEEP

      24576:9AOITrkGIz36Q2sbIfi71i2HNtvjexqmTEC5Nn6b6cQiSH5REzwD813MzcmHby7q:9VwrkVLbL1frdCYR7SbHYmHG5Cp

    Score
    3/10
    discovery
    behavioral7behavioral8

MITRE ATT&CK Enterprise v15

Tasks