Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

9c437863ce...18.exe

windows7-x64

7

9c437863ce...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$R0.dll

windows7-x64

3

$R0.dll

windows10-2004-x64

3

CopyEngine...ne.dll

windows7-x64

1

CopyEngine...ne.dll

windows10-2004-x64

1

Listener/c...er.dll

windows7-x64

1

Listener/c...er.dll

windows10-2004-x64

1

PluginLoad...32.dll

windows7-x64

3

PluginLoad...32.dll

windows10-2004-x64

3

Qt0SystemInfo.dll

windows7-x64

1

Qt0SystemInfo.dll

windows10-2004-x64

1

Qt5Core.dll

windows7-x64

1

Qt5Core.dll

windows10-2004-x64

1

Qt5Gui.dll

windows7-x64

1

Qt5Gui.dll

windows10-2004-x64

1

Qt5Network.dll

windows7-x64

1

Qt5Network.dll

windows10-2004-x64

1

Qt5Widgets.dll

windows7-x64

1

Qt5Widgets.dll

windows10-2004-x64

1

Qt5Xml.dll

windows7-x64

1

Qt5Xml.dll

windows10-2004-x64

1

libgcc_s_sjlj-1.dll

windows7-x64

1

libgcc_s_sjlj-1.dll

windows10-2004-x64

1

libstdc++-6.dll

windows7-x64

1

libstdc++-6.dll

windows10-2004-x64

1

libwinpthread-1.dll

windows7-x64

1

libwinpthread-1.dll

windows10-2004-x64

1

supercopier.exe

windows7-x64

1

supercopier.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9c437863ce287dbe91d54c9d8a06d226_JaffaCakes118

  • Size

    6.1MB

  • Sample

    241125-shvkassndw

  • MD5

    9c437863ce287dbe91d54c9d8a06d226

  • SHA1

    dface0d050c8010765d3efc8c3940e47bd230a11

  • SHA256

    a08a98bc149a27bc5e64f1766b2e3ed500ca32fd46a2ca74df9672860269f396

  • SHA512

    f83da58a21c3ac8a5d169426e29d9cdb0ce9e3a6eaef700e686ed884f224bf3817e9fcf1f4e1e2fee790eae589418d6afc541ab9d08eee14db447745cbf9b239

  • SSDEEP

    98304:JotyK3buHcaUbxL/EnRJ2VFHFJcPFJPMuG+ZYvZVEfCcfnA9Qzd3cQAspTXoB:EaHS/sMFliN5vtUf4fzfAsdoB

Score
7/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      9c437863ce287dbe91d54c9d8a06d226_JaffaCakes118

    • Size

      6.1MB

    • MD5

      9c437863ce287dbe91d54c9d8a06d226

    • SHA1

      dface0d050c8010765d3efc8c3940e47bd230a11

    • SHA256

      a08a98bc149a27bc5e64f1766b2e3ed500ca32fd46a2ca74df9672860269f396

    • SHA512

      f83da58a21c3ac8a5d169426e29d9cdb0ce9e3a6eaef700e686ed884f224bf3817e9fcf1f4e1e2fee790eae589418d6afc541ab9d08eee14db447745cbf9b239

    • SSDEEP

      98304:JotyK3buHcaUbxL/EnRJ2VFHFJcPFJPMuG+ZYvZVEfCcfnA9Qzd3cQAspTXoB:EaHS/sMFliN5vtUf4fzfAsdoB

    Score
    7/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

      persistenceprivilege_escalation

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      325b008aec81e5aaa57096f05d4212b5

    • SHA1

      27a2d89747a20305b6518438eff5b9f57f7df5c3

    • SHA256

      c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    • SHA512

      18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

    • SSDEEP

      192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $R0

    • Size

      94KB

    • MD5

      afab0674f49b13307a56d07327ef03c6

    • SHA1

      757489b971660708c4bb1447a6130467ed9e2ab1

    • SHA256

      53f8b1ce31eedd2bee69ce1b638cdd6e6b4fec09b7642c2b5a41ebadaaf5c191

    • SHA512

      677501a993afd883a441ba70089dc8b5de55c7258d217443e0ed6427012ff34e8c9a5c818fa05f93dd50a1f196c84aedf096e5fd367b0cfb68fbd505781e846b

    • SSDEEP

      1536:Xahycz00BusOIwIOy120EPHymTyanQSeETzA0wK1Pxf9gs5xFnNLd:XeV0AuzIOy1bDUM0d1Pxf9gs5xFN

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      CopyEngine/Ultracopier/copyEngine.dll

    • Size

      1.1MB

    • MD5

      96f748d26b775353cf6c7989ba8e79a0

    • SHA1

      57ac64bfb0940ec1136fc766865579ad284c41d5

    • SHA256

      83588c184ce2be987de19a6d16d3060d5a84ce0878a59987e792b7ff786711cc

    • SHA512

      cb05f14fd138ae15a10f4b07fcae905c10844b0535ecd41497d8858a7d0a5150593513201866bbbed4ef39e446d6616853ca15e3579dd07c2bb5194742aed423

    • SSDEEP

      24576:l6nFl+UkEHQX6HHlEICcwucPmL5cXYjPsLlUnqPb4Bk+VBs:amHEKYVrVBs

    Score
    1/10
    behavioral7behavioral8

    • Target

      Listener/catchcopy-v0002/listener.dll

    • Size

      148KB

    • MD5

      9dd45ca03f7666a0b3df164eecf6198b

    • SHA1

      49e4fe2e44d6bd2b62acb90f6c3cbc42fdda09c2

    • SHA256

      ea932ac0873eb114f67d02955c96bbdf11ffdfe64989a767abbbe4fa9cefa33b

    • SHA512

      1d00d86f1416616a9cdafce60c05315f0a11fcba3abb291cf0fddc15efe78126bfa147d59ced07d2420491f5ebe5f7e2da9edc719c99187901d342f9c7a9a852

    • SSDEEP

      3072:FyvqmD99bg7sePXCuydmMfTUMiWrFOeqYp:FyTpBgBqIMfTtLMeq

    Score
    1/10
    behavioral10behavioral9

    • Target

      PluginLoader/catchcopy-v0002/catchcopy32.dll

    • Size

      94KB

    • MD5

      afab0674f49b13307a56d07327ef03c6

    • SHA1

      757489b971660708c4bb1447a6130467ed9e2ab1

    • SHA256

      53f8b1ce31eedd2bee69ce1b638cdd6e6b4fec09b7642c2b5a41ebadaaf5c191

    • SHA512

      677501a993afd883a441ba70089dc8b5de55c7258d217443e0ed6427012ff34e8c9a5c818fa05f93dd50a1f196c84aedf096e5fd367b0cfb68fbd505781e846b

    • SSDEEP

      1536:Xahycz00BusOIwIOy120EPHymTyanQSeETzA0wK1Pxf9gs5xFnNLd:XeV0AuzIOy1bDUM0d1Pxf9gs5xFN

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      Qt0SystemInfo.dll

    • Size

      121KB

    • MD5

      13485f38e6b9047f7a226737527366da

    • SHA1

      f32b9d1fb57e312fbfd35dd63d3c412c631408fd

    • SHA256

      cf72e7b97525de676c065b884a4e562baf3ebd89fb370002181d05c140a36e12

    • SHA512

      77aa59cc9b3be68c7b0e0086cf4fe9b570029cabef91e6dac7f4b5a108d10e48af2c3f315d5f66f2530faee920c895e22996a7b33ef55fb1f44ff5efa1e53f80

    • SSDEEP

      1536:iwVFaTyxL5vZCNLULqnBPE6Q4rS91RSdOd4YQPFTKuBAN3bDR6vyskXRJdpBZ:vraT4ySOPBiTSdIwKu6NLD7dRJdpBZ

    Score
    1/10
    behavioral13behavioral14

    • Target

      Qt5Core.dll

    • Size

      4.3MB

    • MD5

      11b4e2656ee53749e957b6afe955ad20

    • SHA1

      4ca93e7e038a5c9e1fb387432048b08f3f252f7f

    • SHA256

      38223bc55472838e8df49c0a3620254dc871959280e7fdde41055304e7c44296

    • SHA512

      56212d7affc21a4d881b36169dfb0cdc5fda315f3abf49135846c11359bb9f2b31f163fc0dbd51e1f13d3b57ad07e2366e5592cccc736894fe13f619be2ba9ad

    • SSDEEP

      49152:n6+USbWlKh8blfuFZsTGZmb5qN0E0hqqpdicsEja6u8+RlGpGqaJsv6tWKFdu9CF:6+1jhHcw0hs9NJsv6tWKFdu9CHt51

    Score
    1/10
    behavioral15behavioral16

    • Target

      Qt5Gui.dll

    • Size

      2.4MB

    • MD5

      93c5d793ced80f20b7bbb781a94798fd

    • SHA1

      7735e255035f7ab95606cbbc559681980fb72ef4

    • SHA256

      e00e1c1f44402ffba8532335ecc95b08015f0eb4e3a688b5257f6329b241fc92

    • SHA512

      407bbd86c1042fd57e635cfb2c77d367178c64ff722f6a61c4a5c8b101ccde761944a661d07343686db0b6898c6434a16a30c8cb39734571362def956003780e

    • SSDEEP

      49152:UHqxF8FNvlwYgwSY9CxeikuIbb57NoTJH8K/T:4vRruT

    Score
    1/10
    behavioral17behavioral18

    • Target

      Qt5Network.dll

    • Size

      756KB

    • MD5

      9f0e53fc2f0be427c892a6ee9790a1af

    • SHA1

      dc83540fab9f595a93ebb5a7f6e1b123b4698ced

    • SHA256

      5238f8d8d318d33c5ce52bb45a91be24f393560783c02e1401eccb4d95022e60

    • SHA512

      b4f2602c2c1b576b33f8cb4ce44f4ba164dfd8f7ab583a560f0c4e55bce6052b94e8f8bac33d89b4bb986962f12957cd717c28ae31e7f4d802afbb4888d9527e

    • SSDEEP

      12288:hbKf5ScJ7P09EmQmZdzTxIeFVjj8pFFWLQT+Z27d+tC9:8qcmZdzTBgpFFPT+ZuYtC9

    Score
    1/10
    behavioral19behavioral20

    • Target

      Qt5Widgets.dll

    • Size

      4.0MB

    • MD5

      4fd0f7ec0fa0044f62d9f2c28cc5f29b

    • SHA1

      6a7532c614c560d11c1eed849e358c1210391137

    • SHA256

      9a7a50e6c82e4b1e34c672361eac7b3d4097132597b0f534604000238a1937eb

    • SHA512

      ef2eba77a10a935b246aeb49610b6ebf75de63f9724db0c8a24b99088efacdf6e6ab1f242939ed54b831bd2b92178e115479655b538eeef5aeb8ba554b3757ed

    • SSDEEP

      49152:BPZ5lidVuaJb5JMtZrAhJX6x8u+XEqxC0RvTs/QRjpsyBWTLYyPAV:fiR30UsojFfIYys

    Score
    1/10
    behavioral21behavioral22

    • Target

      Qt5Xml.dll

    • Size

      179KB

    • MD5

      3421d1ba17a27af922c65c63e5dc3663

    • SHA1

      09b9c3a981f5edbbc9f2a80753e706904b5791f6

    • SHA256

      c58674a895f8e5a2541b4823774b869f26ae9446f3dd282dea94712a0a1142cf

    • SHA512

      16df400d4c713f26992bb06565b714347032d732112d0609488307d9def39cdeda55b63e0e059bfba975271325a58b9884a409e907f7f0a6656ed5a611499edc

    • SSDEEP

      3072:CW5UJwSzXK5YZdojYoSuQyijXmzIhIDyTpdtLqtCwdd76C+6jD7Cd:f5UJmYZdbFulijX7ZiD7C

    Score
    1/10
    behavioral23behavioral24

    • Target

      libgcc_s_sjlj-1.dll

    • Size

      98KB

    • MD5

      06de37e494422eace2a31e917eb90cad

    • SHA1

      f4fa57573edbf7332468161b8d55c305b6769795

    • SHA256

      8b921520d61d8e291520544a3387bcca162200a9764c0da9425a2a48410c1176

    • SHA512

      e25b366060d450dbbbd71459d58e279f68909f2ecfa5e675cd462a53d8486682ec25704f394b45070e25fe5098a5d2844a442fba41d2aecf62cca586c45f8336

    • SSDEEP

      1536:uafR4aAym4YQWXiIR2ZgmI0LM2AJ5/ZURg2Er1SxywQPtnFaOiuZYB1vN2dliVNp:7+ymvQMb2Zgmm0g2792ZFrC9wdliPgO

    Score
    1/10
    behavioral25behavioral26

    • Target

      libstdc++-6.dll

    • Size

      1.0MB

    • MD5

      08ae623d202400b3e23a920cc475c4b9

    • SHA1

      76aac4f12f64e065f123b238563c4d9954febe93

    • SHA256

      3c6ad971154e6d5d6a0fcb2893cdb0db3237a66570924606d16000147f114c8c

    • SHA512

      bbed98118a0044348b91908eeafa4bd36f5db0a981f9b731b37bbd82d3c3f7596f51bfa8cbee2a02f2ce2621e2de9b3427a969b0be9c254e0902ac1056c7c993

    • SSDEEP

      12288:1x6HLGFjS3/AMAMHTLUo5QGqe41ALnuh5Gjp/mmBmKDXu210l4HpaoDStukfY4Az:1x6HijfMHsqqe41ALnY5GIS+210l4

    Score
    1/10
    behavioral27behavioral28

    • Target

      libwinpthread-1.dll

    • Size

      71KB

    • MD5

      ee98891d7937cf20829ba13142754030

    • SHA1

      76594d12f7d4583e7ee058d1b116a94ba8473d8f

    • SHA256

      c2ca4f97aecc6546b4f1fe32935c72beb5185c6a3105f6014f298c4e01553445

    • SHA512

      0ba4571cae390be9e47ddc725cd48e34427dc8b726ef53f53fa689a3a3a17cd3c8e52c0ecd33749ff1dbc3145248d599be8cadd841122dcba6e8861ec5281048

    • SSDEEP

      1536:gc8+8KMN+sJQpRJhg1Cb85M4ZtwwKwm+1gDE4cYA:gdfYsYJqUd4Z6+yE4cYA

    Score
    1/10
    behavioral29behavioral30

    • Target

      supercopier.exe

    • Size

      1.0MB

    • MD5

      b7722163c3012288641f00e859bd268b

    • SHA1

      09d93e49b8e6b82c34d69171efd58c3bcd39510c

    • SHA256

      776e8a6a905b4d17b4507522e3308fd2f3a8b56c61c235080f6593d2b23b4600

    • SHA512

      e84c07b3ba8153990b9c1240872dd0841086379ad54503707e263bc5c5d3881d656b54dd73ceee3ec27cb9c93677a3dea231319f7097cbba37867773fe1d205b

    • SSDEEP

      24576:YCE4wvP8guMzQiZnWJuy1EROXR0E7p/ydjmyI+mNb1NeQO+crkXYl:YCWvDJkXI

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discoverypersistenceprivilege_escalation
Score
7/10

behavioral2

discoverypersistenceprivilege_escalation
Score
7/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10