General

  • Target

    fa9222e8ce965d866f91d34c44d9e786_JaffaCakes118

  • Size

    240KB

  • Sample

    240927-rrmqdawgrl

  • MD5

    fa9222e8ce965d866f91d34c44d9e786

  • SHA1

    84872d3b60e7e5e1820f15985bf34753f63b4cb0

  • SHA256

    c1b7b8c8a1b6a623c554d32dbaf7e997d3f52c30435b3a80bcb375f169cf9269

  • SHA512

    48888db7e9cf3a26c8dcf8fa574d4b8de89fa66446495d38e66d92d5b77b3ceb1276ceef252332203bbb16c9eecfef436bd9599dbb51f6528aa25ea69682ef1e

  • SSDEEP

    6144:qzZZdN5LxGFUCwKz/S6DT6Dcs2GGxErGtCSaGw6:qzZfXFCUCxzAcs2GGx+wbaG

Score
7/10

Targets

    • Target

      fa9222e8ce965d866f91d34c44d9e786_JaffaCakes118

    • Size

      240KB

    • MD5

      fa9222e8ce965d866f91d34c44d9e786

    • SHA1

      84872d3b60e7e5e1820f15985bf34753f63b4cb0

    • SHA256

      c1b7b8c8a1b6a623c554d32dbaf7e997d3f52c30435b3a80bcb375f169cf9269

    • SHA512

      48888db7e9cf3a26c8dcf8fa574d4b8de89fa66446495d38e66d92d5b77b3ceb1276ceef252332203bbb16c9eecfef436bd9599dbb51f6528aa25ea69682ef1e

    • SSDEEP

      6144:qzZZdN5LxGFUCwKz/S6DT6Dcs2GGxErGtCSaGw6:qzZfXFCUCxzAcs2GGx+wbaG

    Score
    7/10
    • Loads dropped DLL

    • Target

      $PLUGINSDIR/BgWorker.dll

    • Size

      2KB

    • MD5

      33ec04738007e665059cf40bc0f0c22b

    • SHA1

      4196759a922e333d9b17bda5369f14c33cd5e3bc

    • SHA256

      50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be

    • SHA512

      2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      959ea64598b9a3e494c00e8fa793be7e

    • SHA1

      40f284a3b92c2f04b1038def79579d4b3d066ee0

    • SHA256

      03cd57ab00236c753e7ddeee8ee1c10839ace7c426769982365531042e1f6f8b

    • SHA512

      5e765e090f712beffce40c5264674f430b08719940d66e3a4d4a516fd4ade859f7853f614d9d6bbb602780de54e11110d66dbb0f9ca20ef6096ede531f9f6d64

    • SSDEEP

      192:sRer7uivwq1XpKs4FVWSjMd8tIg2cREbyCsZ8q2R4Sy+Xe:s67Xws4FVWig86/5eCBqSy+Xe

    Score
    3/10
    • Target

      $PLUGINSDIR/animgif.dll

    • Size

      8KB

    • MD5

      63f11d04d07615bd610c857d0abdbed5

    • SHA1

      fee63014806f8250c3e301a219fc43ef4b3a8f19

    • SHA256

      a1fa2e0191f986824f5fc0ef62aee8b4b25695cc56d4b00fecdc1c92f8ea237f

    • SHA512

      211f3689df9c219507072f71e9795e74cf9dd3a37f32330d8b7cb5cf335b9aec6f874df2e5fabf90e7f3e4d61655f7674d1ca94cd7d7ec4244a153019c334e23

    • SSDEEP

      96:r9TyHw2an3ioGqEHsVBMOZm0GY/IXZjtV0iY3gW4hHxqK/KUnGQEmPD7KGucbl0r:r9TyHLhCRZm0GIIJbzOaBxqpZc65KHy

    Score
    3/10
    • Target

      $PLUGINSDIR/execDos.dll

    • Size

      5KB

    • MD5

      0deb397ca1e716bb7b15e1754e52b2ac

    • SHA1

      fbb9bcf872c5dbb4ca4c80fb21d41519bc273ef5

    • SHA256

      720be35cd1b4a333264713dc146b4ad024f3a7ad0644c2d8c6fcedd3c30e8a1f

    • SHA512

      507db0bee0897660750007e7ce674406acf9e8bf942cf26ded5654c07682757b07c9eb767bead0966478abc554dc9a6461c4288dc35d12cacfadad4c128f1bb7

    • SSDEEP

      96:J++xDiP4p7t7dNOt3stxtRFFXxGD6qxlnKE6ttdH3r3:Rx9pJ7jQs5toD6Cln/6tt1

    Score
    3/10
    • Target

      $PLUGINSDIR/inetc.dll

    • Size

      23KB

    • MD5

      7760daf1b6a7f13f06b25b5a09137ca1

    • SHA1

      cc5a98ea3aa582de5428c819731e1faeccfcf33a

    • SHA256

      5233110ed8e95a4a1042f57d9b2dc72bc253e8cb5282437637a51e4e9fcb9079

    • SHA512

      d038bea292ffa2f2f44c85305350645d504be5c45a9d1b30db6d9708bfac27e2ff1e41a76c844d9231d465f31d502a5313dfded6309326d6dfbe30e51a76fdb5

    • SSDEEP

      384:l4Z8sUAUNuGGsPVPEZ+OLkCnFJDhgvZwcRa9h9S4y4fO:lG8sUAUnt88CFJDhmajMA

    Score
    3/10
    • Target

      $PLUGINSDIR/nsArray.dll

    • Size

      6KB

    • MD5

      6585fc9e20b149a15e4dbb8aab03dbf6

    • SHA1

      d3839b1694341ad494b0f92e4e3c6cc1c18e2333

    • SHA256

      08e298c9a25208730f165660af4eec21e9fbd8021c34bce12a020d27e51843d4

    • SHA512

      234f98317ba3a0cad5954a261610e0c851f3ae01d8213267bf4c06b259b57f1cc629c81b10e0778755065973381be33496a2f2ed82fea6c92540a389d7126476

    • SSDEEP

      96:duRa4zuYKD7ODz63a0HydVCXRKnNh3ZGnjD6vHBzZHVefA7EfXxLfAZR:dOD+XHydMXRojUevpXjwX2ZR

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      f7b92b78f1a00a872c8a38f40afa7d65

    • SHA1

      872522498f69ad49270190c74cf3af28862057f2

    • SHA256

      2bee549b2816ba29f81c47778d9e299c3a364b81769e43d5255310c2bd146d6e

    • SHA512

      3ad6afa6269b48f238b48cf09eeefdef03b58bab4e25282c8c2887b4509856cf5cbb0223fbb06c822fb745aeea000dd1eee878df46ad0ba7f2ef520a7a607f79

    • SSDEEP

      192:y1zQhZDqlJcKISw99ioU3MSfwLF/+nhHUisdz:ozoZDGKYw9goWyFGBU7z

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      08e9796ca20c5fc5076e3ac05fb5709a

    • SHA1

      07971d52dcbaa1054060073571ced046347177f7

    • SHA256

      8165c7aef7de3d3e0549776535bedc380ad9be7bb85e60ad6436f71528d092af

    • SHA512

      02618317d6ab0302324aae4d3c5fca56b21e68c899e211cfa9412cf73820a1f931e56753c904fd7e510c638b4463aedbfe9536790279e096ea0387b67013e0c4

    • SSDEEP

      96:/Uspq2y5jOEEQrhySvUgfj74/vvrTBzfYZA4YF3Telac1nIq/2:/erjOELhySv5f2vvBjiAflaB1nIq

    Score
    3/10
    • Target

      $PLUGINSDIR/nsWeb.dll

    • Size

      8KB

    • MD5

      84bcf3c71e70d5a6e9dc07d70466bdc3

    • SHA1

      31603a1afc2d767a3392d363ff61533beaa25359

    • SHA256

      7d4da7469d00e98f863b78caece3f2b753e26d7ce0ca9916c0802c35d7d22bcf

    • SHA512

      61aefa3c22d2f66053f568a4cc3a5fc1cf9deb514213b550e5182edcecd88fadf0cb78e7a593e6d4b7261ed1238e7693f1d38170c84a68baf4943c3b9584d48e

    • SSDEEP

      96:9E1ZgHfHizBkiz1zCuNrwXTP8Jx/N6SCMeNV37bnwXwPML/bUdut5tCsPb2N6nOc:9E1ZkGdbiSCMeNN7LwAY/gd+Oc

    Score
    3/10
    • Target

      $TEMP/instloffer.exe

    • Size

      63KB

    • MD5

      fb9b18511894c93bca0f85ca949bca64

    • SHA1

      638b081b36460365f61c70daafc4b37e836f407b

    • SHA256

      364473e09b0d8af87e3b382bc3c8917558cda7be9e27ec06aca1c70c1ffd130c

    • SHA512

      0c63dcf2e18686e1add906d572f8ff3b93b756ccc83a38ae048fb1949528ed63d7521fdaee5e21f44209d65ec189f5e4fe68f228a9a91d6186ab2bea64d0f325

    • SSDEEP

      1536:jldZEszWriITJGrvopX1VF7CXjl7ybqYPRSEvrGqEYii:j2szWOITsEL50jl7yx5SEvrGqEdi

    Score
    3/10
    • Target

      $TEMP/license.rtf

    • Size

      64KB

    • MD5

      6b8dc5a7996305143c0130cffe8d1e47

    • SHA1

      1252766aac776551ac2cd24f9699f2eab60bc609

    • SHA256

      d5b1bf719d37616562675010510bb1ecb7604dd00b600ee8eab2772a22da3b7b

    • SHA512

      21011bb5259e7e5d24018099cdef1ab631eccb9faa6075d2ffbf7cea0274500fcb5e846b6cbf9b9f7c5e305c68d364ede926b7653c857276b39264e1cf1ef88a

    • SSDEEP

      192:joywdaDnpCHjJn1XnJmm/PUitwvvQFJuBDeoXoBSiBMKahj4kY63ErvQREnDydWl:cytIX8SFJmS1SiBMrj7Z3ErTtLgPJe

    Score
    4/10
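
The "UPX packed file" hit on $PLUGINSDIR/nsArray.dll above is a static check. The Python below is an added example, not Triage's rule and not code from this page, of the simplest form of that detection: walk the PE section table and look for the section names UPX writes (UPX0/UPX1, sometimes UPX2) and the "UPX!" marker the packer leaves in the image. The offsets follow the PE/COFF format; build_pe() and the images it assembles are constructed test data, not the report's files.

```python
"""Static check that reproduces the report's "UPX packed file" signature.

Added example, not a Triage rule: it walks the PE section table and flags
the section names UPX writes (UPX0/UPX1, sometimes UPX2) and the "UPX!"
marker the packer stores in the image.  Offsets follow the PE/COFF spec;
build_pe() assembles minimal, non-executable images as constructed test data.
"""
import struct

UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}
UPX_MAGIC = b"UPX!"


def pe_section_names(data: bytes) -> list:
    """Return the section names of a PE image; raise ValueError if it is not one."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]      # offset of the PE signature
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                                      # 20-byte COFF file header
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size                             # section table follows the optional header
    names = []
    for i in range(num_sections):
        raw = data[table + i * 40: table + i * 40 + 8]       # 40-byte IMAGE_SECTION_HEADER, Name first
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0").decode("latin-1"))
    return names


def upx_indicators(data: bytes) -> list:
    """List the UPX indicators present: 'section:<name>' per UPX section, 'magic:UPX!' for the marker."""
    hits = [f"section:{n}" for n in pe_section_names(data) if n in UPX_SECTION_NAMES]
    if UPX_MAGIC in data:
        hits.append("magic:UPX!")
    return hits


def build_pe(section_names, trailer: bytes = b"") -> bytes:
    """Assemble a minimal PE32 skeleton (constructed test data, not a loadable binary)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                  # e_lfanew: PE header right after the DOS header
    optional = bytes(224)                                    # PE32 optional header; contents unused here
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, len(optional), 0x2102)
    table = b"".join(n.encode("ascii").ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + optional + table + trailer


if __name__ == "__main__":
    packed = build_pe(["UPX0", "UPX1", ".rsrc"], trailer=UPX_MAGIC + bytes(16))
    renamed = build_pe([".text", ".rdata"], trailer=UPX_MAGIC)   # "modified UPX": sections renamed, marker kept
    clean = build_pe([".text", ".rdata", ".data"])
    for label, image in ("packed", packed), ("renamed", renamed), ("clean", clean):
        print(label, upx_indicators(image) or "no UPX indicators")
```

Either indicator on its own is weak: a modified UPX build that renames its sections and strips the marker produces no hit here, which is why the signature text says "UPX/modified UPX". The next checks a practitioner adds are structural (two or three sections with an empty first section, a high-entropy second section, a near-empty import table), and the decisive step is to run the file through `upx -t` or unpack it and hash the result.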

MITRE ATT&CK Enterprise v15

Tasks

static1

upx
Score
7/10

behavioral1

discovery
Score
7/10

behavioral2

discovery
Score
7/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

discovery
upx
Score
5/10

behavioral14

discovery
upx
Score
5/10

behavioral15

discovery
Score
3/10

behavioral16

discovery
Score
3/10

behavioral17

discovery
Score
3/10

behavioral18

discovery
Score
3/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10

behavioral23

discovery
Score
4/10

behavioral24

Score
1/10
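
The 7/10 on the parent installer comes from the "Loads dropped DLL" signature in the behavioural tasks. The $PLUGINSDIR/ prefix on the dropped files is the NSIS plugin directory, and an NSIS installer writes every plugin (System.dll, nsExec.dll, inetc.dll and so on) to that directory and then loads it, which is exactly what the signature keys on. The Python below is an added example, not Triage's rule and not code from this page: it replays a constructed Sysmon-style event stream and flags DLLs that the sample's process tree wrote and later mapped. The PIDs, event order and the ns*.tmp folder (what NSIS expands $PLUGINSDIR to under %TEMP%) are assumptions made for the demo; the file names match the report's target list.

```python
"""Behavioural check that reproduces the report's "Loads dropped DLL" signature.

Added example, not a Triage rule.  It replays a Sysmon-style event stream
(process create, file create, image load) and flags every DLL that the
sample's process tree first writes to disk and later maps.  SAMPLE_LOG is
constructed for the demonstration: PIDs and the ns*.tmp folder (what NSIS
expands $PLUGINSDIR to under %TEMP%) are made up, not taken from the report.
"""
from collections import namedtuple
import ntpath

Event = namedtuple("Event", "seq kind pid arg path")

# seq kind pid ppid|- path      (one event per line, in the order the sandbox saw them)
SAMPLE_LOG = r"""
1 process 1000 4 C:\Users\Admin\AppData\Local\Temp\fa9222e8ce965d866f91d34c44d9e786_JaffaCakes118.exe
2 file 1000 - C:\Users\Admin\AppData\Local\Temp\nsy7A3C.tmp\System.dll
3 file 1000 - C:\Users\Admin\AppData\Local\Temp\nsy7A3C.tmp\nsExec.dll
4 load 1000 - C:\Windows\System32\kernel32.dll
5 load 1000 - c:\users\admin\appdata\local\temp\nsy7a3c.tmp\system.dll
6 file 1000 - C:\Users\Admin\AppData\Local\Temp\instloffer.exe
7 process 1200 1000 C:\Users\Admin\AppData\Local\Temp\instloffer.exe
8 load 1200 - C:\Users\Admin\AppData\Local\Temp\nsy7A3C.tmp\nsExec.dll
9 process 1300 600 C:\Windows\explorer.exe
10 load 1300 - C:\Users\Admin\AppData\Local\Temp\nsy7A3C.tmp\System.dll
11 load 1000 - C:\Users\Admin\AppData\Local\Temp\nsy7A3C.tmp\inetc.dll
"""


def parse_events(text):
    """Parse the whitespace-separated log into Event tuples ordered by sequence number."""
    events = []
    for line in text.strip().splitlines():
        seq, kind, pid, arg, path = line.split(None, 4)
        events.append(Event(int(seq), kind, int(pid), arg, path))
    return sorted(events, key=lambda e: e.seq)


def norm(path):
    """Windows paths compare case-insensitively; normalise before matching writes against loads."""
    return ntpath.normcase(path)


def loads_dropped_dll(events, root_pid):
    """Return (pid, path) for each DLL a process in root_pid's tree loaded after that tree wrote it."""
    tree = {root_pid}
    dropped = {}                         # normalised path -> seq of the first write by the tree
    hits = []
    for e in events:
        if e.kind == "process" and int(e.arg) in tree:
            tree.add(e.pid)              # child of a tracked process joins the tree
        elif e.kind == "file" and e.pid in tree:
            dropped.setdefault(norm(e.path), e.seq)
        elif e.kind == "load" and e.pid in tree:
            p = norm(e.path)
            # only count it if the load happened after the write; a DLL that was
            # already on disk (event 11) or loaded by an unrelated process (event 10) is not a hit
            if ntpath.splitext(p)[1] == ".dll" and p in dropped and dropped[p] < e.seq:
                hits.append((e.pid, p))
    return hits


if __name__ == "__main__":
    for pid, path in loads_dropped_dll(parse_events(SAMPLE_LOG), root_pid=1000):
        print(f"pid {pid} loaded dropped DLL {path}")
```

On real telemetry the same logic runs over Sysmon event ID 11 (FileCreate) and event ID 7 (ImageLoad) joined on the process tree. Every NSIS installer, benign or not, trips this rule for its plugins, which is why it carries a modest score on its own; the triage value is in which plugins were dropped (inetc downloads files, nsExec and execDos run commands) and in what the dropped $TEMP/instloffer.exe does once the child task runs it.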