Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

4241b5a3c8...18.exe

windows7-x64

3

4241b5a3c8...18.exe

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

CrashReport.exe

windows7-x64

3

CrashReport.exe

windows10-2004-x64

7

Encrypt.dll

windows7-x64

3

Encrypt.dll

windows10-2004-x64

3

Funshion.exe

windows7-x64

Funshion.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4241b5a3c8e0c48d977ab15ebd5a2ce5_JaffaCakes118

  • Size

    496KB

  • Sample

    241013-1pg7jszhle

  • MD5

    4241b5a3c8e0c48d977ab15ebd5a2ce5

  • SHA1

    0bbf5eda35e3f4eec5c03d894b1ed5f8bb272cdf

  • SHA256

    a24cbb57d7aece9c05337727bfa522aa3a78b807efeadeeca4fc139582e56447

  • SHA512

    9510c9841ccee507bf8ab16cf5439cd9811666965c4b6d7f09cd2f0f86c17c98c3ed9b3ec44c57c4f93485fd25e36bd0d8d9613db973dc744336d6659582d0f3

  • SSDEEP

    6144:vWwMnud2ftsn+nA/Nf+NKmqe6sqjfftqVEOV/XNHHt5cTCXKqzVI0bxmafjAPzk4:0uayH/Nf+NMft65XNnt50MzVIymaf6pb

Score
7/10
discovery

Malware Config

Targets

    • Target

      4241b5a3c8e0c48d977ab15ebd5a2ce5_JaffaCakes118

    • Size

      496KB

    • MD5

      4241b5a3c8e0c48d977ab15ebd5a2ce5

    • SHA1

      0bbf5eda35e3f4eec5c03d894b1ed5f8bb272cdf

    • SHA256

      a24cbb57d7aece9c05337727bfa522aa3a78b807efeadeeca4fc139582e56447

    • SHA512

      9510c9841ccee507bf8ab16cf5439cd9811666965c4b6d7f09cd2f0f86c17c98c3ed9b3ec44c57c4f93485fd25e36bd0d8d9613db973dc744336d6659582d0f3

    • SSDEEP

      6144:vWwMnud2ftsn+nA/Nf+NKmqe6sqjfftqVEOV/XNHHt5cTCXKqzVI0bxmafjAPzk4:0uayH/Nf+NMft65XNnt50MzVIymaf6pb

    Score
    3/10
    discovery
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      12KB

    • MD5

      1d5c649dde35003a618b9679d5d71b92

    • SHA1

      0409bbab3ab34f8c01289cdd847b4d1a32d05b18

    • SHA256

      0f4d3cee24e3f310fa804983c931d3628613988a24f0be7854f63a9309b8e45f

    • SHA512

      b432ebcc52905662d61a3f17e08e209a3f9d836a9071b3b5e80070af7ebcf34cf66c44426dda041c2a258fda4787e5692e2b35acbcd73288fb84fe3c977bbfd9

    • SSDEEP

      384:pKlm7i+c3QW6ckPhyDEaLnA2bbBBIXwZ:8qi8BcyhEhLBbbTI

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/System.dll

    • Size

      10KB

    • MD5

      4eff5fafd746f5decb93a44e3a3d570c

    • SHA1

      a11aa7681b7e2df1c7f7492a127d332d1495ea8a

    • SHA256

      cf61ddd15d63c25a12caee70f51ea736cfc02195c42e56ee01b33f689d3754c5

    • SHA512

      cde82d2a1f28506e4c2264f6b82017a00af32f138ebcdbaf4cc58463870fa626f708aa57465294c5a6f096c886841e7b9112b85bf3ea2f1d8f2da816b51b2d72

    • SSDEEP

      192:0OycJo/rJVCmIDNLU0dq5RD00lspbub76yL:6/QQ0d0RD0USq/6y

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      CrashReport.exe

    • Size

      176KB

    • MD5

      e95b1665b31209e605e2ae87f4fe16d4

    • SHA1

      7985b8d21d65e62b8bf482519a35f1f3c806867e

    • SHA256

      d4a636eb6f8725bb9f58fc01987f00e286378551dfb06d4a75f36cb636bca307

    • SHA512

      44b2da0ba18e8219b6e0ad64aa4ee2c1bdf208136d4771abc30ae2b1db7e428b29320e3115ba7ac15e03e1a844822c4366b94adbe161c018fe89e144af31f9b9

    • SSDEEP

      3072:bBmJ7ZVWiKNPurOBTikcTBfQ8IcF5xZ1skB:bs77WnNPiOJcTB48IcZJ

    Score
    7/10
    discovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral7behavioral8

    • Target

      Encrypt.dll

    • Size

      68KB

    • MD5

      618312332d11b514158373f5721f9326

    • SHA1

      9096b552061eb6b853844f23080ef956902a10c2

    • SHA256

      d162cf46914cd26dccd36c12ca5e7fe66a18b519e495901be222fed0bbbc46da

    • SHA512

      810a9f70aafafa5ad4b2b6449ff8eab2ff79d4149e957317ee9a21ebd14e811fa02d9b5617a0bd32c41ee0e3d6406997b7364d647e0c0ce1ffb23343beb95124

    • SSDEEP

      768:59MVMloL02y2aP8ny4X+RW5yBWVB+Tyy0QiNwMx5UaLh:59wMlygmX+RW5GWwyy01B5jV

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      Funshion.exe

    • Size

      738KB

    • MD5

      1ff644366fd14a350b12f05557df6268

    • SHA1

      9545ac9ead0483f86607394167d65eff412f6d1a

    • SHA256

      836b7a3baff2f9df75684c04e12406a7e79db336a9c1d04db770f0b2cffd3f2b

    • SHA512

      031fdf3fe3262f33bdb3034e7b31ac4938d4b8de2df1b2486d819f227c161333807b0661526ff96e7232fdedf5f7371d079767efeec1002389cf452f3356f1e9

    • SSDEEP

      12288:a6qYQyRhX9xG5zxWg0AJ2Q8WZQrPuT+hE1uAqm8FCy1IGei2MRD9HV5N917JadE0:CwZ9xGilWZUCAEXISkPjC

    Score
    1/10
    behavioral11behavioral12

MITRE ATT&CK Enterprise v15

Tasks