General

  • Target: 76231aa5daf7e77b57ce225a2c72c8ec_JaffaCakes118
  • Size: 2.9MB
  • Sample: 241027-1vct1s1lcr
  • MD5: 76231aa5daf7e77b57ce225a2c72c8ec
  • SHA1: 93e73555f870abe15f692b146a2135a20200aa10
  • SHA256: 113d4fb8f7503e7b240aca6df1fb3882fd15e43b3f242fc9df72a00dbbfa80d7
  • SHA512: b88403545c6f7af99ce3d29b4a383842d4a29ce87629c21528a773a1c80a7483a8dd3f6fb9ffd09e705ed931a7ba999bbfea73656468c4122736875582526052
  • SSDEEP: 49152:pvcpFgJWquIdCctulDogi4GPhIo6svlgyJEooXE2+7hobbaNnYQnDoc:pvcEYEtuxogNGZvtlgyJEQ2+7hkknDoc

Targets

  • Target: 76231aa5daf7e77b57ce225a2c72c8ec_JaffaCakes118 (2.9MB; hashes as listed under General)
    Signatures:
    • Checks computer location settings: Looks up country code configured in the registry, likely geofence.
    • Executes dropped EXE
    • Loads dropped DLL
    • Reads user/profile data of web browsers: Infostealers often target stored browser data, which can include saved credentials etc.
    • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.

  • Target: $PLUGINSDIR/InstallOptions.dll
    • Size: 14KB
    • MD5: 0dc0cc7a6d9db685bf05a7e5f3ea4781
    • SHA1: 5d8b6268eeec9d8d904bc9d988a4b588b392213f
    • SHA256: 8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c
    • SHA512: 814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0
    • SSDEEP: 192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo
    • Score: 3/10

  • Target: $PLUGINSDIR/ReadCustomerData.dll
    • Size: 64KB
    • MD5: 703598aa5ff97f512112cd766543a2f1
    • SHA1: 0bfb74b03227ee8510e153785edd76625404ab55
    • SHA256: 5f76752e83789bb8184070d618d83f43c2f565cc7fad2c4266e44339223ba69b
    • SHA512: 3eff4670a3c97ec931eb1240d22a943ad6b19ea07ce781dabcc656ae2049d36c42b8f5bf3ce59366057ea3ece8913e83da3ec98c2c1434edf144dd9d4731fe58
    • SSDEEP: 768:TWaFM5hBUVVsDPytWyIBvsdfk3Nhs8o6S5uymhRv1OInQ/bTLZmTtxHWQ:CvnuV+TcWGIPOChRwIQ/XLQtxH
    • Score: 3/10

  • Target: $PLUGINSDIR/System.dll
    • Size: 11KB
    • MD5: 00a0194c20ee912257df53bfe258ee4a
    • SHA1: d7b4e319bc5119024690dc8230b9cc919b1b86b2
    • SHA256: dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
    • SHA512: 3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
    • SSDEEP: 192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
    • Score: 3/10

  • Target: $PLUGINSDIR/TvGetVersion.dll
    • Size: 55KB
    • MD5: bec86f19027cbb13f05881e6712388f2
    • SHA1: c5fe5ecffe244869c60d8e3a023b610a08b62ff4
    • SHA256: c774a0fb87248b985b8543bd5ce2d5f58d64c091c912de8c0d45d9ff18ca1835
    • SHA512: 553a707b7b3d2b74039695e01c0a74c9c9a84696c67a1c087680fac8384998009369cbe78c6f1b23a018d0f4b46665379eb6f22bc0436d15d385bb8625e14837
    • SSDEEP: 768:ZX4xrWyk9mIyPmr5yPItXjZJ/pY0RaOnot0kEabnOhXw1tslXYBt:ZXw2mIydKFRaM40khOhMtslXM
    • Score: 3/10

  • Target: $PLUGINSDIR/nsis7z.dll
    • Size: 176KB
    • MD5: 06ff2b95b8e123d32487b0cb73409031
    • SHA1: 8cb3f584112db4e74cea4ed02d4ce0b3a5373bfa
    • SHA256: 0dedad042a306da32784c3ce79bfac0475b827e416c17e1a1dfdb461151f4271
    • SHA512: 174e7599ba87bc45111ce340d7563771353df71988d6b9094d8bdeab4b45ec730cbd2e6bf3943ad66daa02d7f1f1eac0020b987109fabed96b2e0def8d0602c6
    • SSDEEP: 3072:rfSCQ4FYoKhEHvf4aytolZ8MMNjXtWXTkibb7zHetRYFJ8:HFYosEH3UtoX8fUtXPOm
    • Score: 3/10

  • Target: TeamViewer.exe
    • Size: 6.2MB
    • MD5: 93f07bec68e8034a720af5d8192cc7d9
    • SHA1: 2712801b4eb30809ce7737a3058e39d23f57cbef
    • SHA256: 015b1912e194a987b997453d34807c61964695668e96798f1a0f14d8b860b441
    • SHA512: df762eae64b4eac28c432e767219fbebdd2cbeafdf42a454458c5a5142de9f65152b4bc917af421e62065656124f64e734863ce22165c617536a3cf2e2067292
    • SSDEEP: 98304:5rPxZWF5vO3sdWADovMsyvXEwUKTvtF1eyKTxcraQsCQkBHIhAND/uF5wjQOo+sX:5rPTcvO0DDAfy/TvtZZIAuFa6aIrpB
    Signatures:
    • Checks computer location settings: Looks up country code configured in the registry, likely geofence.
    • Reads user/profile data of web browsers: Infostealers often target stored browser data, which can include saved credentials etc.

  • Target: TeamViewer_Desktop.exe
    • Size: 2.2MB
    • MD5: de387d6df42108e47e5b771edc1a9307
    • SHA1: b8f3150e6e2431a52373bf50514cfab370cb14df
    • SHA256: 701fa727912566b842d6072839d4f4af505f2d9662bea789bd70460d383dfd00
    • SHA512: 91d014c1a70b23f91a9ae6159cdecca139231ce7db408f7f0edf22259cb820323060d3165639093180ec3b18b783cf4e4e9cd06f8f126cd765c86169031d8d73
    • SSDEEP: 24576:P/OJmyMRRS07UdaYN1jgH65zwDX+8VYrI336RZrhGT0zAFGSFAzgCu/kKiJycmcX:9HszfnzcX0rI33IrhGhFauathNZBr1
    • Score: 3/10

  • Target: TeamViewer_Resource_fr.dll
    • Size: 266KB
    • MD5: 9af4a79fa623b3ab053db41c0a2f6111
    • SHA1: bd390794a64c581086971a370d462a406d949aa3
    • SHA256: 684c72614db74d8e35406c5bf766b234e772b0471fd98ef8e62365dd1ca7527c
    • SHA512: afb1af45cab5360e92d238f393a8811d879dd92a08d7b0ae3404565f704699e08a377f902224c5eeb5119be5d3ee848cf311396fa41d1a2210225c906446d826
    • SSDEEP: 3072:C4DdofYRxYv0sSpMU4HBpAZ1i7BXdUyp8a6vzDt1Rag1mB:KSh4HLAZiIu6xG
    • Score: 1/10

  • Target: TeamViewer_Service.exe
    • Size: 2.6MB
    • MD5: bea57f6d10e8ee1a59d05c378d6649d0
    • SHA1: d919eb6dc0a4c9e288a54bf3a5100f85518599d5
    • SHA256: 1dea67a601eaafaba2cb80229b1a4a05b6099c6f1be2ed5b20487786c82b8417
    • SHA512: 3f6fe928906fc14d694309b8068457fd6feaf932abf8ff9431056ee64c9b5fd5ffab1f9cfc546ee4a9f740c7a3516d4e2469454f032757e4577e4b920ac3b1cd
    • SSDEEP: 49152:EW02brLiE0e+hSBn3x709EV+S0E06zDoHc4aMIbIoANGq/kII4dbGApETLe:EWR/pcehIKF0EhzkHcf8oANZ
    • Score: 3/10

  • Target: TeamViewer_StaticRes.dll
    • Size: 2.3MB
    • MD5: 544bd524f936e803f493ab8ed918c25c
    • SHA1: a84a04020b5708b14321a9adde34482e2fefbbc3
    • SHA256: 192e8b09becfbebac4fe71fe6ed391d0448f3c7056c88f68248be9a8505ddd57
    • SHA512: 7f66fd5a4b3e7eb25202e737e5ac841d44f5121571e6fa6f14a90f258435fc07f05ef2fa9e999864ef2f98fdeaf4b7db230fd80e01d2d43b211bcec49be99d05
    • SSDEEP: 12288:07FRMxerSauRDWxe2CPE8L+YoBSNPramjvT1Vg:MprSajWL1T1S
    • Score: 1/10

  • Target: tv_w32.dll
    • Size: 64KB
    • MD5: cf249d56bb0d4685dd6c4828b97b8307
    • SHA1: aed4ccf8f9a280b84796e36d56f3fdf373410526
    • SHA256: ea3f4562e20e6b4bd892e11e597ccc02325aca1be579df244ce015b3bc7133c7
    • SHA512: f1ac55090ee93ad141e2cec3d9a0a98eddcdf50b26cddc41274cbb74fd87720584bf4aa37ae84683ea7c59d75ef0c26196a9aea1afd81b5836624ffc85ba4cf3
    • SSDEEP: 768:lkW6VIpfAl7yjqJ9V/iP30cu9FJ+VlTHPWyqPGYDIIL:ltqIpYYmOHuPAVVW9Z
    • Score: 3/10

  • Target: tv_w32.exe
    • Size: 103KB
    • MD5: 684c5d48dd6a0cced97c4fe983bcfe47
    • SHA1: cf9c9c3d4d3bd073b83e169df85c074463b68167
    • SHA256: 5531101a8387222cac733726f6f58fb02ee4ce7798e5964514837c10ef4f7877
    • SHA512: 7e3e88366df92a44ce981bb6d49e64cb642ddffcfe73322239e6050a53631f649706479bb37e260a299319d58d4834ffcb5b6edfa7573d647fea919fe9903c79
    • SSDEEP: 1536:QQLuOPVckAlDOuWen7dqxCuRcCfKZjwkDi/A5JAYR5vadW:TLvakAxdcjkk/A9R5va
    • Score: 3/10

  • Target: tv_x64.dll
    • Size: 76KB
    • MD5: 70014c076003d1d4822366c79ba3e3e6
    • SHA1: af350e238354c8cb46b63aec7bdab680554e9641
    • SHA256: 93bfe08aeedc6a995883e83652ec81080503104a69f15549f640e934aa691a82
    • SHA512: 7807705657cfced2423ea106a2492e4d494eb59f6b666fd448b54df196fdbf6618f470facbff71593b14b43b32d668f3868a21f6a880d2f84dd7ef491c330e64
    • SSDEEP: 768:mDpSeSiE2jFPM0BdmVI6pzYbW1fxkClSN8Qx9pig8HK77TkyYYYVoQsLtIIL:ASeSiEZs8a6BY1oSNbfQu7TkyYNVId
    • Score: 1/10

  • Target: tv_x64.exe
    • Size: 126KB
    • MD5: 84c57f59da45494c5a1c124bd294aa1f
    • SHA1: d41c850246e286309ecc737e8d24ed1b16841640
    • SHA256: 05e3ae965608f662378232e4847754e18c09f2b98e5bbb380f784f320a865bd9
    • SHA512: 715f981edda272725933cd0f6aab86049cbfc75f9f1b8af62a7be69512b559ae0592346b9b0b3ba763d7546ce60fa85362e657fab34d8a11caa26bc6be629627
    • SSDEEP: 3072:+UwSVG88g4k/sVlgGQZkc+DnFKPcQmlZKEdV/5QY:+I0VlgZZ5+MPcQ4ZlVW
    • Score: 1/10

MITRE ATT&CK Enterprise v15

Tasks

  • static1: upx; Score 5/10
  • behavioral1: discovery, spyware, stealer, upx; Score 7/10
  • behavioral2: discovery, spyware, stealer, upx; Score 7/10
  • behavioral3: discovery; Score 3/10
  • behavioral4: discovery; Score 3/10
  • behavioral5: discovery; Score 3/10
  • behavioral6: discovery; Score 3/10
  • behavioral7: discovery; Score 3/10
  • behavioral8: discovery; Score 3/10
  • behavioral9: discovery; Score 3/10
  • behavioral10: discovery; Score 3/10
  • behavioral11: discovery; Score 3/10
  • behavioral12: discovery; Score 3/10
  • behavioral13: discovery, spyware, stealer; Score 7/10
  • behavioral14: discovery, spyware, stealer; Score 7/10
  • behavioral15: discovery; Score 3/10
  • behavioral16: discovery; Score 3/10
  • behavioral17: Score 1/10
  • behavioral18: Score 1/10
  • behavioral19: discovery; Score 3/10
  • behavioral20: discovery; Score 3/10
  • behavioral21: Score 1/10
  • behavioral22: Score 1/10
  • behavioral23: discovery; Score 3/10
  • behavioral24: discovery; Score 3/10
  • behavioral25: discovery; Score 3/10
  • behavioral26: discovery; Score 3/10
  • behavioral27: Score 1/10
  • behavioral28: Score 1/10
  • behavioral29: Score 1/10
  • behavioral30: Score 1/10