Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

0d8f313906...18.exe

windows7-x64

7

0d8f313906...18.exe

windows10-2004-x64

7

$PLUGINSDI...ch.dll

windows7-x64

3

$PLUGINSDI...ch.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0d8f31390657feafdceee1acbffde190_JaffaCakes118

  • Size

    242KB

  • Sample

    241003-darfca1bnr

  • MD5

    0d8f31390657feafdceee1acbffde190

  • SHA1

    b21fbee6a30d4c44b60228e1a0e4cec4605a9040

  • SHA256

    2249da86ba12abbefa9c98d0a14e6cf3404a7da5854c62399b92681420459170

  • SHA512

    929bbb361e374379b16a1df205f862f583a85c02c942cb747815a48acdc58dd65aaa0808b52cbc8ee2baa3d5b80761a049d8c0517c7794cba2e9b5b9d7e221d8

  • SSDEEP

    6144:MsaocyLCk5xf1QrVcEUp16Mj3elepybnoWSgBjt0Fisj:Mtobz5xf12qEUp1DOlhbnXt8Vj

Score
7/10
discovery

Malware Config

Targets

    • Target

      0d8f31390657feafdceee1acbffde190_JaffaCakes118

    • Size

      242KB

    • MD5

      0d8f31390657feafdceee1acbffde190

    • SHA1

      b21fbee6a30d4c44b60228e1a0e4cec4605a9040

    • SHA256

      2249da86ba12abbefa9c98d0a14e6cf3404a7da5854c62399b92681420459170

    • SHA512

      929bbb361e374379b16a1df205f862f583a85c02c942cb747815a48acdc58dd65aaa0808b52cbc8ee2baa3d5b80761a049d8c0517c7794cba2e9b5b9d7e221d8

    • SSDEEP

      6144:MsaocyLCk5xf1QrVcEUp16Mj3elepybnoWSgBjt0Fisj:Mtobz5xf12qEUp1DOlhbnXt8Vj

    Score
    7/10
    discovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/VPatch.dll

    • Size

      10KB

    • MD5

      e7de13c3dd744f2a754553687219d39a

    • SHA1

      96c5f7e23a5a49e8fe6cb7830002aad607d003e3

    • SHA256

      2168f690bb1e751690a8d6922550cd86adc0762c63e9276f319116a9df910383

    • SHA512

      0cd5e5343b6d893e4772c470442d8ea081d61ce38b546421a1e323cf2a0d1e2b042e009e7a14a8acb27c9d97186dd9358f5f9083dd30e9f6f41764f228febb6b

    • SSDEEP

      192:SbabPGATMjWFOsHGhklhOaezMNLYKFaLQuCcUo:SbabPGATypsBxNLJsBCcP

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      8KB

    • MD5

      249ae678f0dac4c625c6de6aca53823a

    • SHA1

      6ac2b9e90e8445fed4c45c5dbf2d0227cd3b5201

    • SHA256

      7298024a36310b7c4c112be87b61b62a0b1be493e2d5252a19e5e976daf674ce

    • SHA512

      66e4081a40f3191bf28b810cf8411cb3c8c3e3ec5943e18d6672414fb5e7b4364f862cba44c9115c599ac90890ef02a773e254e7c979e930946bc52b0693aad7

    • SSDEEP

      192:r/QeHNWSvUTfWdXw08LYKFaynLb3MRlbOVlR:7jBvwudT8LJxnnMRlyVlR

    Score
    3/10
    discovery
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks