Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

5

17ce2461cf...18.exe

windows7-x64

7

17ce2461cf...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

bomgar-jpt.exe

windows7-x64

3

bomgar-jpt.exe

windows10-2004-x64

3

bomgar-plk.exe

windows7-x64

1

bomgar-plk.exe

windows10-2004-x64

3

bomgar-sjp.exe

windows7-x64

3

bomgar-sjp.exe

windows10-2004-x64

3

nsnetpush.exe

windows7-x64

1

nsnetpush.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    17ce2461cf41dc55fd1432dd9b461086_JaffaCakes118

  • Size

    3.2MB

  • Sample

    241006-m2yheazgkn

  • MD5

    17ce2461cf41dc55fd1432dd9b461086

  • SHA1

    6548f1d8eb93f7847d43de307c9fcf783983b042

  • SHA256

    b9968149cdedf77356e26d68d82bc47ac20d11a14763c026ec36b842850b4af0

  • SHA512

    93f725bd9d74da2191e2e658f6ac73df8da86bdfc371a8610f32bdc4fc19363b76802ac219ba2172abee3bb794c66fcbe3db932b8ecc17220ce32537de6b3add

  • SSDEEP

    98304:XbLB5a8V1wMQlFvacoQpOLVLTAr9PtganH9:rLB5lwMQwbL0kc9

Score
7/10
discoveryupx

Malware Config

Targets

    • Target

      17ce2461cf41dc55fd1432dd9b461086_JaffaCakes118

    • Size

      3.2MB

    • MD5

      17ce2461cf41dc55fd1432dd9b461086

    • SHA1

      6548f1d8eb93f7847d43de307c9fcf783983b042

    • SHA256

      b9968149cdedf77356e26d68d82bc47ac20d11a14763c026ec36b842850b4af0

    • SHA512

      93f725bd9d74da2191e2e658f6ac73df8da86bdfc371a8610f32bdc4fc19363b76802ac219ba2172abee3bb794c66fcbe3db932b8ecc17220ce32537de6b3add

    • SSDEEP

      98304:XbLB5a8V1wMQlFvacoQpOLVLTAr9PtganH9:rLB5lwMQwbL0kc9

    Score
    7/10
    discoveryupx

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      0dc0cc7a6d9db685bf05a7e5f3ea4781

    • SHA1

      5d8b6268eeec9d8d904bc9d988a4b588b392213f

    • SHA256

      8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c

    • SHA512

      814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0

    • SSDEEP

      192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      00a0194c20ee912257df53bfe258ee4a

    • SHA1

      d7b4e319bc5119024690dc8230b9cc919b1b86b2

    • SHA256

      dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3

    • SHA512

      3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/UserInfo.dll

    • Size

      4KB

    • MD5

      1e8e11f465afdabe97f529705786b368

    • SHA1

      ea42bed65df6618c5f5648567d81f3935e70a2a0

    • SHA256

      7d099352c82612ab27ddfd7310c1aa049b58128fb04ea6ea55816a40a6f6487b

    • SHA512

      16566a8c1738e26962139aae893629098dc759e4ac87df3e8eb9819df4e0e422421836bb1e4240377e00fb2f4408ce40f40eee413d0f6dd2f3a4e27a52d49a0b

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      bomgar-jpt.exe

    • Size

      6.8MB

    • MD5

      a0436f9316c60b1e014c2a3f8524b4f4

    • SHA1

      99ed1dd965f6888ecbc7bc812e0a18d66b5482b8

    • SHA256

      9e423da7a1b0682e76c43148d555926d27340f72e9a9e7120163fe737c611397

    • SHA512

      62ddc5e205ef9aef7c293e08d0965c8b01ead225cbd38a39a030855e46cce43e7554f780e18984eaf3c51ec5c476e152896cdd7648f26d0d8fe3270dac1e25e8

    • SSDEEP

      98304:HEkUnwXZ0z8Q3lNNyjYzKS22nGzMYDCseMZBGp9nQ+xKFdu9lPPM6:uhhyY2wYDIRKFdu9a6

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      bomgar-plk.exe

    • Size

      336KB

    • MD5

      fdda8911fd801395055ef37fcf26d467

    • SHA1

      7bfe6f97faae94374f8e3d2163ede3bee5b54964

    • SHA256

      b45e21c9f6b5515ea3c7b6eb9a1386bdfc6b45e5d95081e5c9e884fd7ebb2c19

    • SHA512

      fed3fcbad8905edf003a0aaa85f80f69a9891b057fe26b1dbfff85309f180a0395e8e9ed35f138999e63bb6c35cc5ffe8a54b72594cc159a9f1484e959625706

    • SSDEEP

      6144:LZKrhvD+opdHIJq1c0jyazJrxdLyh7hln9NCmTG45YfnyiSdmQyGz/xwBSEbptAt:FKrh7+opdoJq1c0jSh7h1ymTG45YPzQR

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      bomgar-sjp.exe

    • Size

      924KB

    • MD5

      1b9486b508ff0b0f35cdc820504b05a2

    • SHA1

      761d9e4e28ce7b27c9c2c09ac75875ab7e49d6d4

    • SHA256

      794bdae691d1d9692d96d5426f708e5a71cdf0202afdb4efdda1dde707f51a07

    • SHA512

      9499c3f0c8aca40cedf15d6414b56be1c13875ced0fa58987b18ad3a72d167d9fbdb3b0bdd22682e4b93c7b1c77413b7ef4bd71a8c7c7a67c02c303fba4b5afc

    • SSDEEP

      12288:4mEELitK6MLzSmMV+JsAz6wEwLTNu5WtTkyYUJQqZXngs4gZYfybEdur1GtTre6F:4GitK6MLzSEJsAmy/tZfbdr1GTre69n

    Score
    3/10
    discovery
    behavioral13behavioral14

    • Target

      nsnetpush.exe

    • Size

      106KB

    • MD5

      89f13a65b1e41f4fd85e52f42fb2f654

    • SHA1

      f2dde88fdbce21e49347cf6ab848c2edc8ba4acb

    • SHA256

      3223e8540bc6c4e7f80a26a95457cf9600b690107f936f5906a4afd4b83c9a83

    • SHA512

      b22893186d761b6a359e6e80bfa942916dcd2fdd6817280f9b7da6b95561e378eacce577fe71cb89bcf238ff5550c9e6c9cf050f4c503822e45afba798a7bc1a

    • SSDEEP

      1536:EwHKvlgVNlhjjND8ElX7qjcqDhr/XR0Q02emKB9uw5ns5jRLUfMb+RyZr81M16og:EwHIKjnNNmhLX22emKB9uwxi2fUUMVg

    Score
    3/10
    discovery
    behavioral15behavioral16

MITRE ATT&CK Enterprise v15

Tasks