Overview
overview: score 7
static: score 7
0b41ae79d6...18.exe (windows7-x64): score 7
0b41ae79d6...18.exe (windows10-2004-x64): score 7
$PLUGINSDI...ns.dll (windows7-x64): score 3
$PLUGINSDI...ns.dll (windows10-2004-x64): score 3
$PLUGINSDIR/hnml.dll (windows7-x64): score 5
$PLUGINSDIR/hnml.dll (windows10-2004-x64): score 5
uninst.exe (windows7-x64): score 7
uninst.exe (windows10-2004-x64): score 7

General
Target: 0b41ae79d6f39c034068d5b2dc2ec7a7_JaffaCakes118
Size: 70KB
Sample: 241002-sdmznawdpa
MD5: 0b41ae79d6f39c034068d5b2dc2ec7a7
SHA1: 8095ba146c7741cb4b3df627edca185894dfb7af
SHA256: 1a3f8a24ab6611410845314c2dbec7cbd80df2d74a34657296ce646fcbc42415
SHA512: a3af3e41f9a940f10d83d99c812c93c0ff31f6a751cfef5635254ddd89c47a0a5bfafd37e30d6655ee1efd2d3989c3ea87523b19c25f603306c2c4a5b7cdf780
SSDEEP: 1536:fDV6awBrdbLkrude7mnflp4tmJHyO7UfcIBd5m7EjnDDs5E0Axpv9T:fDV6dAruRdWmJzofcILJjnDWopFT

Behavioral task: behavioral1
Sample: 0b41ae79d6f39c034068d5b2dc2ec7a7_JaffaCakes118.exe
Resource: win7-20240729-en

Behavioral task: behavioral2
Sample: 0b41ae79d6f39c034068d5b2dc2ec7a7_JaffaCakes118.exe
Resource: win10v2004-20240802-en

Behavioral task: behavioral3
Sample: $PLUGINSDIR/InstallOptions.dll
Resource: win7-20240708-en

Behavioral task: behavioral4
Sample: $PLUGINSDIR/InstallOptions.dll
Resource: win10v2004-20240802-en

Behavioral task: behavioral5
Sample: $PLUGINSDIR/hnml.dll
Resource: win7-20240704-en

Behavioral task: behavioral6
Sample: $PLUGINSDIR/hnml.dll
Resource: win10v2004-20240802-en

Behavioral task: behavioral7
Sample: uninst.exe
Resource: win7-20240903-en

Behavioral task: behavioral8
Sample: uninst.exe
Resource: win10v2004-20240802-en

Malware Config
Targets

Target: 0b41ae79d6f39c034068d5b2dc2ec7a7_JaffaCakes118
Size: 70KB
MD5: 0b41ae79d6f39c034068d5b2dc2ec7a7
SHA1: 8095ba146c7741cb4b3df627edca185894dfb7af
SHA256: 1a3f8a24ab6611410845314c2dbec7cbd80df2d74a34657296ce646fcbc42415
SHA512: a3af3e41f9a940f10d83d99c812c93c0ff31f6a751cfef5635254ddd89c47a0a5bfafd37e30d6655ee1efd2d3989c3ea87523b19c25f603306c2c4a5b7cdf780
SSDEEP: 1536:fDV6awBrdbLkrude7mnflp4tmJHyO7UfcIBd5m7EjnDDs5E0Axpv9T:fDV6dAruRdWmJzofcILJjnDWopFT
ACProtect 1.3x - 1.4x DLL software: Detects file using ACProtect software.
Loads dropped DLL

Target: $PLUGINSDIR/InstallOptions.dll
Size: 14KB
MD5: 32aa6334fc543e70ef0f792bb9a0c45a
SHA1: 54be1f5004f7e5afe7c9ba160495076ea2a4d60c
SHA256: 610e54bcfc2831d4f9d7030ceb16d35ee33006403d842f01b6e75bebea0083e2
SHA512: ac92116821a032de8df64bf9aea9c6ba4040467eebaa4e028c2bf031f1c81bb69531288b9d89d951b952fe0b4ecccade874a5ae76d04db8b4dee2d13c486f9ae
SSDEEP: 192:V6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTwK72dwF7dBdcQOz:V6JaVh4I5rpPbTw+BdhO
Score: 3/10

Target: $PLUGINSDIR/hnml.dll
Size: 13KB
MD5: e3cb93b1d2fb9d567a8c35a325338915
SHA1: 4673a34f9ba60581b196a713ab726a086dab5530
SHA256: 6f78707c80d5e62e39476d70a0b56041acb0bccc64124ca2242a1bc96ad31126
SHA512: c40ce8e3eb24091a339c489576d8281e5595146306f70c1c0e91199c734b604098013a5ed8d2068d161043482e3698c45ccc033d35c0f439f4746f5757a18ca5
SSDEEP: 384:Ow5m7EzpDl45NqBF48GBaNJawcudoD7UI:ZmozFa5R8G0nbcuyD7U

Target: uninst.exe
Size: 36KB
MD5: 8420438e419d653f911f16abfd26c9ed
SHA1: d39750d6ceb780df4ea984d9645b2f9e94b80329
SHA256: 77a417460ee0c8c5bc65188ea2b0fa4ca9b2d2d6c94daa0ea206ea909e7d929a
SHA512: c1ef2f814e7095d6c36986239441b4f0e91922ca70ddb64e857f267b84359117d6cbb426a30582e5ef0bc8e6bcd5a7787cee6200d9cfa10111b7000cd7e15a68
SSDEEP: 768:51DVgVapclBrPlbLQPCGB4/deAC6Jn7z8Ld8tx8wxp4wFBOV1mJHbaQ8b:fDV6awBrdbLkrude7mnflp4tmJHmT
Score: 7/10
Deletes itself
Executes dropped EXE
Loads dropped DLL