Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

0b41ae79d6...18.exe

windows7-x64

7

0b41ae79d6...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDIR/hnml.dll

windows7-x64

5

$PLUGINSDIR/hnml.dll

windows10-2004-x64

5

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0b41ae79d6f39c034068d5b2dc2ec7a7_JaffaCakes118

  • Size

    70KB

  • Sample

    241002-sdmznawdpa

  • MD5

    0b41ae79d6f39c034068d5b2dc2ec7a7

  • SHA1

    8095ba146c7741cb4b3df627edca185894dfb7af

  • SHA256

    1a3f8a24ab6611410845314c2dbec7cbd80df2d74a34657296ce646fcbc42415

  • SHA512

    a3af3e41f9a940f10d83d99c812c93c0ff31f6a751cfef5635254ddd89c47a0a5bfafd37e30d6655ee1efd2d3989c3ea87523b19c25f603306c2c4a5b7cdf780

  • SSDEEP

    1536:fDV6awBrdbLkrude7mnflp4tmJHyO7UfcIBd5m7EjnDDs5E0Axpv9T:fDV6dAruRdWmJzofcILJjnDWopFT

Score
7/10
discoveryupx

Malware Config

Targets

    • Target

      0b41ae79d6f39c034068d5b2dc2ec7a7_JaffaCakes118

    • Size

      70KB

    • MD5

      0b41ae79d6f39c034068d5b2dc2ec7a7

    • SHA1

      8095ba146c7741cb4b3df627edca185894dfb7af

    • SHA256

      1a3f8a24ab6611410845314c2dbec7cbd80df2d74a34657296ce646fcbc42415

    • SHA512

      a3af3e41f9a940f10d83d99c812c93c0ff31f6a751cfef5635254ddd89c47a0a5bfafd37e30d6655ee1efd2d3989c3ea87523b19c25f603306c2c4a5b7cdf780

    • SSDEEP

      1536:fDV6awBrdbLkrude7mnflp4tmJHyO7UfcIBd5m7EjnDDs5E0Axpv9T:fDV6dAruRdWmJzofcILJjnDWopFT

    Score
    7/10
    discoveryupx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      32aa6334fc543e70ef0f792bb9a0c45a

    • SHA1

      54be1f5004f7e5afe7c9ba160495076ea2a4d60c

    • SHA256

      610e54bcfc2831d4f9d7030ceb16d35ee33006403d842f01b6e75bebea0083e2

    • SHA512

      ac92116821a032de8df64bf9aea9c6ba4040467eebaa4e028c2bf031f1c81bb69531288b9d89d951b952fe0b4ecccade874a5ae76d04db8b4dee2d13c486f9ae

    • SSDEEP

      192:V6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTwK72dwF7dBdcQOz:V6JaVh4I5rpPbTw+BdhO

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/hnml.dll

    • Size

      13KB

    • MD5

      e3cb93b1d2fb9d567a8c35a325338915

    • SHA1

      4673a34f9ba60581b196a713ab726a086dab5530

    • SHA256

      6f78707c80d5e62e39476d70a0b56041acb0bccc64124ca2242a1bc96ad31126

    • SHA512

      c40ce8e3eb24091a339c489576d8281e5595146306f70c1c0e91199c734b604098013a5ed8d2068d161043482e3698c45ccc033d35c0f439f4746f5757a18ca5

    • SSDEEP

      384:Ow5m7EzpDl45NqBF48GBaNJawcudoD7UI:ZmozFa5R8G0nbcuyD7U

    Score
    5/10
    discoveryupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral5behavioral6

    • Target

      uninst.exe

    • Size

      36KB

    • MD5

      8420438e419d653f911f16abfd26c9ed

    • SHA1

      d39750d6ceb780df4ea984d9645b2f9e94b80329

    • SHA256

      77a417460ee0c8c5bc65188ea2b0fa4ca9b2d2d6c94daa0ea206ea909e7d929a

    • SHA512

      c1ef2f814e7095d6c36986239441b4f0e91922ca70ddb64e857f267b84359117d6cbb426a30582e5ef0bc8e6bcd5a7787cee6200d9cfa10111b7000cd7e15a68

    • SSDEEP

      768:51DVgVapclBrPlbLQPCGB4/deAC6Jn7z8Ld8tx8wxp4wFBOV1mJHbaQ8b:fDV6awBrdbLkrude7mnflp4tmJHmT

    Score
    7/10
    discovery

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral7behavioral8

MITRE ATT&CK Enterprise v15

Tasks