General

  • Target

    e0215c22250ea3756ed1469479e4fc43_JaffaCakes118

  • Size

    3.8MB

  • Sample

    241211-ghxtwazkcv

  • MD5

    e0215c22250ea3756ed1469479e4fc43

  • SHA1

    136a0f200a8614e9c54ae4ce9b115175d2b502ea

  • SHA256

    a3493f39327e7cfb172453dac5dea46e625a193adb92feab5ac0225017d28dad

  • SHA512

    98b404f33f70e51df1018cfdda78d76f7bf664aac2ac42c46e5a16812f31e522a8f985b48cc386426f98fdd56def7d834518644a3d51f4f4c4009d0f9be5d7d4

  • SSDEEP

    98304:VZD2EIEGhl+ZZqhGAQfBIqtO/ZIpBrfh7qC3q9:Vx2EIEGhIZAhQfBIf6phZ7qCm

Targets

    • Target

      e0215c22250ea3756ed1469479e4fc43_JaffaCakes118

    • Size

      3.8MB

    • MD5

      e0215c22250ea3756ed1469479e4fc43

    • SHA1

      136a0f200a8614e9c54ae4ce9b115175d2b502ea

    • SHA256

      a3493f39327e7cfb172453dac5dea46e625a193adb92feab5ac0225017d28dad

    • SHA512

      98b404f33f70e51df1018cfdda78d76f7bf664aac2ac42c46e5a16812f31e522a8f985b48cc386426f98fdd56def7d834518644a3d51f4f4c4009d0f9be5d7d4

    • SSDEEP

      98304:VZD2EIEGhl+ZZqhGAQfBIqtO/ZIpBrfh7qC3q9:Vx2EIEGhIZAhQfBIf6phZ7qCm

    Score
    7/10
    • Loads dropped DLL

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      296a5f3179fa8d7a7a855eaf696ede44

    • SHA1

      57aa5b71553ed282dd22c768e039a187f5c13f63

    • SHA256

      ee0ad77e681c4d0fdf1d67df5f4ca03e6bdd8e3b05dfb47a83ad5c733ed62960

    • SHA512

      bc527d1485f468e8d098057e0e38e8cb7aa6eb64d4ca30927b99b1552a3177b132b989015ff95bdf2ca046bf11a54b4b456f51e024fbc734fbb548c3499e53f6

    • SSDEEP

      192:r6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTyK72dwF7dBdcQOz:r6JaVh4I5rpPbTy+BdhO

    Score
    3/10
    • Target

      Analizador.dll

    • Size

      90KB

    • MD5

      79712c20fe2155cf1ab4fa1b07969e9e

    • SHA1

      1f45b7aa4c6434e3008d2b8cb9096e8d38dbc0d8

    • SHA256

      b9ce82cf7b4f51617a04fe79489fa186a6750e071530d13b303435f739518a99

    • SHA512

      ca75f89481f216842874b567e1a5746cb144680d7034470690e3466126f3fbf7dbd6b8f07be41cc98dc7b8f16a4ecfd0aac0fa6d48f44699d2de9592a7f2c3af

    • SSDEEP

      1536:U2tof5xxLs8npufZTEoqphLaI+EqeO8uWGMtB5lKJP0uT4PP0uTzuBNGMG3UXBN:hK57A8nAxTEoqp+eOUtLI2uKUXr

    Score
    3/10
    • Target

      Ayuda.exe

    • Size

      1.7MB

    • MD5

      2e21ce4260d255c7dfc58bbaa21d20d2

    • SHA1

      a042dc3f09edaee569d7b9fc5c1f901e1775a434

    • SHA256

      97e933dfd6fe33126da146836f639b7cb9e152a26df08a36362dd823961bc7d6

    • SHA512

      bc7a97da2580a6690483b95314641f17dd8e034831d48383c181322187958f3ce3c4ba97f706745074714f7324e6fa119d2b78f17eb1aa0be09fce2900bf9c7d

    • SSDEEP

      49152:aMWUARVFZP6/KyhiIEltAplV3y7JRbgGK5BLhb76N:XwPX7+EIpX3yTbhK5BLZ76N

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      E-mail_Marketing.exe

    • Size

      5.5MB

    • MD5

      d628023e84a18532f41c2ccc821cdece

    • SHA1

      e0d63957471e7c88569c0f6b14e7a719d08589e2

    • SHA256

      a119de51864d5788c7ee7fea38b64b46132c0c8623501bd1ab0d39672f607feb

    • SHA512

      49548516126da90c89295636c92ddcc5de39a7fa06a504256525e890b7db939c59ff2dab9420ee47754dd0f9434dace6a967ff4d21201b98d66c54ce9d31f51f

    • SSDEEP

      49152:uXKnakcrWjOqGX0qbiK56K6ruykr2UzNfgH701zohuWTLIDirKXyDEgGuQC42mLu:CmatXFiNrM2u3mhTLIDir93QC42m

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • Modiloader family

    • ModiLoader First Stage

    • Target

      Extractor.exe

    • Size

      220KB

    • MD5

      1ced1b979203a7e4265ab844e807f64d

    • SHA1

      1227bf074ac939c23a689687c48ad58b50d04c78

    • SHA256

      25aa8133652829d5cc8284fd2dabc2a43ed1209e37414523e5e2b663feb4c602

    • SHA512

      893513fa46bc926475932c43c842e453254dfb325f069b77affc587eae1642d9914c0db69d521e154d6ffbdd2cd007bed5e30c065eb170390d8a32863ce6a2eb

    • SSDEEP

      6144:sny3kJ/IJzJKuCpCuEfbxWl3K8acHDc7ZkvF:gXhizJTCpCuEfbm4cjc7e

    Score
    3/10
    • Target

      Seguridad.dll

    • Size

      228KB

    • MD5

      4937dfb56023d9f33727c10865986943

    • SHA1

      cf9aa6877fda04af48d9319a226704b4bf46f177

    • SHA256

      50165ef998d9ee7c5ce29f07d95c48e4d72ba1dffbdc8c2165373d5de22aa8fd

    • SHA512

      2879db9aa169e412ede7f26ed5f5dfd1313947b3b781ea1cf7ff4bb52bf98af53fc9d130442e11910de344e5ec74d669f17412fa0278a38ebee5a65c3eece863

    • SSDEEP

      6144:bWoYdXW4FXVrt8y6lDHy7Qea/66nmdnFnJnJ3/n0vJXH0eYGe:yoSXW4frt8yoGa/b

    Score
    3/10
    • Target

      Servidor_em.exe

    • Size

      843KB

    • MD5

      e6ac282d40cf400c94d103d0bbcf513c

    • SHA1

      2815b404e72edaee8f5d792aafd4772f36c5bfac

    • SHA256

      0369ca889e4633817eb29361b91a190de4e09eaa276d02b01ff43ef1113c5cd1

    • SHA512

      a997557d722b254e42aeb1950c7a770905b8afdbf0b3f263317fc0db769e79cf249c4c5fcbc10ee43faecf426827a62ce6ce57c9cc9c76c8bae9008231e016e2

    • SSDEEP

      12288:7rLeWwy/TXBtU5f+EltYgBWcQeay/MTc2HS6L8OlhcmH7C3yiJqHT:7eCBmWElCZcQeRkVSQ8O3Z7CCJ

    Score
    3/10
    • Target

      uninst.exe

    • Size

      33KB

    • MD5

      8a85e3d6517152a8ddaac8c547f942d8

    • SHA1

      9414ffdd847ad89076bc2b6807540bc0f2c85791

    • SHA256

      93e1d700f16cba773ff18810ff0bb1b488a93fd18c0f5f90013b5448ca624fb3

    • SHA512

      435912030953e06118bdf6b717de99d7982d0e890aa328312c6b9c20e0262c5433cac5ca6e91c1b9b36879df0efc760c98a24d3dadb900b4b744771f3eaf673a

    • SSDEEP

      768:TXKsDnvuB3hRx867tuXLx5Ro2NP0u6X71F38s1mJlEj:LKsTvudhg67q1mX7BmJlEj

    Score
    7/10
    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
