Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

fddb8b56a0...18.exe

windows7-x64

7

fddb8b56a0...18.exe

windows10-2004-x64

7

$0/resultbar.dll

windows7-x64

1

$0/resultbar.dll

windows10-2004-x64

1

$0/resultbar.exe

windows7-x64

1

$0/resultbar.exe

windows10-2004-x64

3

$0/uninstall.exe

windows7-x64

7

$0/uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fddb8b56a01dfc7b2f20db5ae8c6afa7_JaffaCakes118

  • Size

    654KB

  • Sample

    240929-ftrlkatere

  • MD5

    fddb8b56a01dfc7b2f20db5ae8c6afa7

  • SHA1

    53a3b37818847340a7c1c4111dcb4510f5bc9060

  • SHA256

    b5457332bb2f8d2d2658b2db158f0ed12af8e4502c76e0ac717f7313d13fd8ba

  • SHA512

    c85f534908af034cfac24bd102479d473ef49ab454c6d04cb82c3c22278f75f9224a29e889e2335d3ae98b915563e30bc91d489dd85fa2d850606b722a4ab7f0

  • SSDEEP

    12288:QOazeZYFBIuY8ldJ2su4+wVeWuXJ0kkw+dqDRhXzN/I3aSu7+RiF2obD1Y:D2FhY+d/on5/F+dqR/I3aSu7B+

Score
7/10
discovery

Malware Config

Targets

    • Target

      fddb8b56a01dfc7b2f20db5ae8c6afa7_JaffaCakes118

    • Size

      654KB

    • MD5

      fddb8b56a01dfc7b2f20db5ae8c6afa7

    • SHA1

      53a3b37818847340a7c1c4111dcb4510f5bc9060

    • SHA256

      b5457332bb2f8d2d2658b2db158f0ed12af8e4502c76e0ac717f7313d13fd8ba

    • SHA512

      c85f534908af034cfac24bd102479d473ef49ab454c6d04cb82c3c22278f75f9224a29e889e2335d3ae98b915563e30bc91d489dd85fa2d850606b722a4ab7f0

    • SSDEEP

      12288:QOazeZYFBIuY8ldJ2su4+wVeWuXJ0kkw+dqDRhXzN/I3aSu7+RiF2obD1Y:D2FhY+d/on5/F+dqR/I3aSu7B+

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

    • Target

      $0/resultbar.dll

    • Size

      564KB

    • MD5

      e64a6e0af5e36ddcc57af250c6d67599

    • SHA1

      7d05c1136a4209631fd1f61980f7095c2bcfe3c0

    • SHA256

      c441860fee17f2084563ddc0919ed22199135ec2ea7096013645260b7d8f9575

    • SHA512

      14ca1505e827d2ea77626c6ddf5976d95c08a3e2cf5e30bbb480b95a4721c2fc305fc7e43c756ae1eec6b89756c1daa5add09d8986029ccc69cd80ad0ab3df10

    • SSDEEP

      12288:OdXoxe91G/ffJ4HoJglxlFoElp/1TNjZA3h0soH5l2:Uf9EJzYlyCptTNjm3h0rH5Y

    Score
    1/10
    behavioral3behavioral4

    • Target

      $0/resultbar.exe

    • Size

      48KB

    • MD5

      dd4be76eb8e2dbb337058604ea25c57d

    • SHA1

      6f0d8746eaf2d2258b86b7301c9a9928e807a541

    • SHA256

      915228f7184e3180ba59a9d282e017c63fe3f7d0e34f7a9786ec0698a60a5019

    • SHA512

      188a318d0a28b6089388aa26e72e9432aed85d96e4a047ca78158db59c99c0a09c9966b5c5d29def0048ddeac8cb409f0db08a2b8148634c14a950c68efddf5f

    • SSDEEP

      768:VB/VmnNEsNMEXMU2cSqlLNSyvBo9eUTZjzzDIkK/bxhT5Dv4LA8bSf:P9sNML4rhN/v+TZjHDfYDQkASf

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      $0/uninstall.exe

    • Size

      82KB

    • MD5

      c78dc19bab9bcb490d031ccca4bdf853

    • SHA1

      f40960a41ff93fdcad2793f36fb5437db93b120c

    • SHA256

      a743fab26fad94ba571933471af4685660a80c73ef4a86ea276aebcc197b2600

    • SHA512

      da9f21b7eb01b3350614ee912f98389e209e0ce0afed08fdd13bea153f28510a2aeb468c10bf3317e0fe2716af9d67702996a8cbf18eb3ce1435be68c722abca

    • SSDEEP

      1536:jEkjY1zy214Qay0DGkJ7qAELVigJxf7DcptJgNfKeQ2/DRkAi:AkjAJ4dDGkJ+AI0JXJGKeH/u

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral7behavioral8

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      13KB

    • MD5

      d765c492c21689e3d9d61634371fd861

    • SHA1

      ac200933671ae52c9d5544d0e2e8e9144d286c83

    • SHA256

      551e6042dd494ea01549555ffc194ab9729da09058ec714eb368dd06642c9bbc

    • SHA512

      9919a9e848c8f1e26c75d0d29207571e4b86a4140bd554743d2c1f8bd7f386fe4919345b163d89a5d907fb165e435ba0ac5f6b1101713636141f156a420e2e0f

    • SSDEEP

      192:9B6RvrfvOuJQDghBy/X7QKq3TLGciZJf0EzWzMnz6WoF1dBs:v6RrviWaX7eiZJ7nz6bB

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/System.dll

    • Size

      10KB

    • MD5

      fe24766ba314f620d57d0cf7339103c0

    • SHA1

      8641545f03f03ff07485d6ec4d7b41cbb898c269

    • SHA256

      802ef71440f662f456bed6283a5ff78066af016897fe6bfd29cac6edc2967bbd

    • SHA512

      60d36959895cebf29c4e7713e6d414980139c7aa4ed1c8c96fefb672c1263af0ce909fb409534355895649c0e8056635112efb0da2ba05694446aec2ca77e2e3

    • SSDEEP

      192:rO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1aMBgMO:yKAFERdlxhGRYUzqZaMB

    Score
    3/10
    discovery
    behavioral11behavioral12

MITRE ATT&CK Enterprise v15

Tasks