Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

GooglePass...e.html

windows7-x64

3

GooglePass...e.html

windows10-2004-x64

3

GooglePass...se.rtf

windows7-x64

4

GooglePass...se.rtf

windows10-2004-x64

1

GooglePass...or.exe

windows7-x64

7

GooglePass...or.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

GooglePass...or.exe

windows7-x64

3

GooglePass...or.exe

windows10-2004-x64

3

Readme.html

windows7-x64

3

Readme.html

windows10-2004-x64

3

SecurityXp...se.rtf

windows7-x64

4

SecurityXp...se.rtf

windows10-2004-x64

1

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f6a405b0fb496bab46a6627b8167cee6_JaffaCakes118

  • Size

    1.3MB

  • Sample

    240925-xfavbs1epk

  • MD5

    f6a405b0fb496bab46a6627b8167cee6

  • SHA1

    8dd61f10ba1bb6618be4e65d95fa0ac029b245d0

  • SHA256

    5bc488e5bbc0112c8863ece0dd2e6edd171742d0aa6c562f4ae26195007007e2

  • SHA512

    9d7cc2374b5a59d1d1b969889c14e41bef17e14df7b3bb58de9730dc59275b65a06fe1507feee8eaca57584cc8d2d9ee02df73a02df23fad15d72fa2bb202f6e

  • SSDEEP

    24576:tUdrvYgNutMzmIOZt5nMUnQUuXnEP36ppJAiZ8VSshKaCZylEeqqMyIbozjvol0:tUBYg53u5nzQY3KWV8MKelrq90

Score
7/10
discovery

Malware Config

Targets

    • Target

      GooglePasswordDecryptor/Readme.html

    • Size

      502B

    • MD5

      fdb9d1d72b18241777626a9684200a17

    • SHA1

      cb2c46befa50a9c5ee61662b5a5813ff16658689

    • SHA256

      7dea6758ac440d2976253c48ec50237e630ba6ac063629cc82ca4e0dd8980dd2

    • SHA512

      5eccfe46b48ae6472c9609a928fa3e59db3799f892f804c0051fca7153090b4c594bada51f15a9da2569e4d6533afea8a4fccf83eef9396e902955c3e429ad61

    Score
    3/10
    discovery
    behavioral1behavioral2

    • Target

      GooglePasswordDecryptor/SecurityXploded_License.rtf

    • Size

      46KB

    • MD5

      08356da9d198790e79024be91d0d9f83

    • SHA1

      2d2183f999d6f65b62f2864d632f82e4e6254835

    • SHA256

      96a0f2f8555c4252e17c300ec5b6dcf45f69227e75fbb10721625c2fe42fa08c

    • SHA512

      4a752073ae245b2bd299969ab8e1e30214940ecbb61bd33f4aab8552345ecd5191dbcd05917e09e4e6a9810bcd8fd9e2623780a1f1676eb08a8581d616757c87

    • SSDEEP

      384:3CgntDM3dKw0zybdKkIdlczC65GEzOTeo75Y3kmA31dv61Qy4:3Cgn3dlcG6tZrS14s

    Score
    4/10
    discovery
    behavioral3behavioral4

    • Target

      GooglePasswordDecryptor/Setup_GooglePasswordDecryptor.exe

    • Size

      1.3MB

    • MD5

      a99ea895de5577e9de5097e8b320eba4

    • SHA1

      b86018db94eba9d237e0bb5b1ec9808bc38da395

    • SHA256

      31a7dabc332c6c9d4276af227fdba679e8de7e33f4bcca04ee7797dba6670d7a

    • SHA512

      3f773ea8202b3e41a820fdcfd7af177c5e59508b4d8d37c639d009e11412a7482192d4f50becbe76fe94b8c3da0f0e21ed9caead154f2fc8738d191e990165e0

    • SSDEEP

      24576:n9ATMCBhdbftAdA6OZz5nMUn+2uznEP36pJJA0uDZwh7sorb+3qblFyQneqgqNvR:n9AICzdbgNy5nz+a3BDSBs+C3ygQnefS

    Score
    7/10
    discovery

    • Loads dropped DLL

    behavioral5behavioral6

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      325b008aec81e5aaa57096f05d4212b5

    • SHA1

      27a2d89747a20305b6518438eff5b9f57f7df5c3

    • SHA256

      c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    • SHA512

      18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

    • SSDEEP

      192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/UserInfo.dll

    • Size

      4KB

    • MD5

      7579ade7ae1747a31960a228ce02e666

    • SHA1

      8ec8571a296737e819dcf86353a43fcf8ec63351

    • SHA256

      564c80dec62d76c53497c40094db360ff8a36e0dc1bda8383d0f9583138997f5

    • SHA512

      a88bc56e938374c333b0e33cb72951635b5d5a98b9cb2d6785073cbcad23bf4c0f9f69d3b7e87b46c76eb03ced9bb786844ce87656a9e3df4ca24acf43d7a05b

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/inetc.dll

    • Size

      20KB

    • MD5

      7569b23f19a0f5cb4c1d3b30a296c4bb

    • SHA1

      c5f3546b3c795e46445393960694a2341692ddc7

    • SHA256

      615bf32e15aaa8d58832df2298f75dd2b29ea5f25bf152c99630315cb618a31a

    • SHA512

      11663bf180f9540ad247957b6793f8afd1b4e66f3b692b4ad05735f07459dd524571245928c40e26e3de691472508f5632fcd4add1eebad559d504eca32c08a9

    • SSDEEP

      384:gBCwUYeQ8geEQyhUtXlcgCHe8DSMk8/UhU7ya4Lp0Ac9khYLMkIX0+GvRgbJ1:pwUEpet1cgCHe8DNN/UhUua4L

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      GooglePasswordDecryptor.exe

    • Size

      1.5MB

    • MD5

      73360ecaf5e1ffa3551f9eeedc6f5186

    • SHA1

      67a02e64e7499497fe9274fa7438afd2a32cac95

    • SHA256

      762adf3ed1c8a8cb9548d2815d9810a278d3056af842bd9396ba6fe657dc96bd

    • SHA512

      2314443b98a50418e79afb975bdcc33a33f93c258e6e2f0f946075053205971794d5ccbe852d4efa4a85f9573115b1ca11d6b91345931947f5245efe9013488b

    • SSDEEP

      24576:1mbLcAOE7BOO0blmqan6hwacFoqySPeXKI8/ZNYZWybVygIC51ScUkI2NbO:1mb7OE7BGnan+qySmXKIMSVygIC51aai

    Score
    3/10
    discovery
    behavioral13behavioral14

    • Target

      Readme.html

    • Size

      502B

    • MD5

      fdb9d1d72b18241777626a9684200a17

    • SHA1

      cb2c46befa50a9c5ee61662b5a5813ff16658689

    • SHA256

      7dea6758ac440d2976253c48ec50237e630ba6ac063629cc82ca4e0dd8980dd2

    • SHA512

      5eccfe46b48ae6472c9609a928fa3e59db3799f892f804c0051fca7153090b4c594bada51f15a9da2569e4d6533afea8a4fccf83eef9396e902955c3e429ad61

    Score
    3/10
    discovery
    behavioral15behavioral16

    • Target

      SecurityXploded_License.rtf

    • Size

      46KB

    • MD5

      08356da9d198790e79024be91d0d9f83

    • SHA1

      2d2183f999d6f65b62f2864d632f82e4e6254835

    • SHA256

      96a0f2f8555c4252e17c300ec5b6dcf45f69227e75fbb10721625c2fe42fa08c

    • SHA512

      4a752073ae245b2bd299969ab8e1e30214940ecbb61bd33f4aab8552345ecd5191dbcd05917e09e4e6a9810bcd8fd9e2623780a1f1676eb08a8581d616757c87

    • SSDEEP

      384:3CgntDM3dKw0zybdKkIdlczC65GEzOTeo75Y3kmA31dv61Qy4:3Cgn3dlcG6tZrS14s

    Score
    4/10
    discovery
    behavioral17behavioral18

    • Target

      Uninstall.exe

    • Size

      350KB

    • MD5

      1eb778d2eb9d67d8281e41b7ffc02f9c

    • SHA1

      c4e72dc5f2319e3364d087dcea94869626129158

    • SHA256

      68890695c9424818fe18794f5b65b3f099a8c4f394527121ecc4c203636fab30

    • SHA512

      d3a8475e5d42c3cb9081cfd0b163ce10e7715d8254c773a48afed6d31e15eca7a0cbc17060948402d666b43a15fca3d578010f47b484e0eb39c16cc5137453cf

    • SSDEEP

      6144:Fe34U/Q0RXiD0xvahQpE3MQJ58sJuCBhmG0wbGdPUnB3uIS:A/Q0HqMsTJuCBhd0wbGmBq

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral19behavioral20

MITRE ATT&CK Enterprise v15

Tasks