General

  • Target

    JaffaCakes118_8a688953d0224ed0d31b9584203ca3ab

  • Size

    961KB

  • Sample

    250328-hftj4ssycw

  • MD5

    8a688953d0224ed0d31b9584203ca3ab

  • SHA1

    55f010cd8ac9669749b3e38a9cad0a39a2810696

  • SHA256

    f134e7e8f358e5cc4455a35e78ab77f4bde0a4805820331a31a1a1e5a0bccad6

  • SHA512

    87021557504acc895d7f350af418e08d9a6e2898839d44a40b08a58c4947605a65642aa473a60aede1f489417d0a85c8ab8504d07b72048d4bc4ef30ed654c7e

  • SSDEEP

    24576:U9UF5+KP35FRaY7OgicXvAF9HZwPuRBY//omYF75A:UCF5h5vaYViyoF9SPMOnzb

Targets

    • Target

      taobaoBatchEvalue/下载说明.htm

    • Size

      2KB

    • MD5

      9785eb39d2a933dafc7c713baefda91b

    • SHA1

      fd66e14363e866222e467c4397e8ccb1d0954a7b

    • SHA256

      b7a5dde4b441c67156e2085ebcb90ac91e72f376cc4fd7874c69974de39730c0

    • SHA512

      7e8d6f5e77dae8bb4cced6fcb9d3d6d79b3165ce8fe1c0b6d8c6a5184d28d6bbd31959780f0e212f6f1a0f373fc23958f6b5481cc5075a4802b51538efe79dd7

    Score
    4/10
    • Target

      taobaoBatchEvalue/淘宝批量评价助手V1.0/BatchEvalue.exe

    • Size

      971KB

    • MD5

      73c0275fa74e32e591bd957c90c43bb6

    • SHA1

      66b83acde78b814a433dd60474101022fd5a6585

    • SHA256

      84a24044693703460e63cd230fa63d64ed558cec7d53e8c25b7f8a2b4a826494

    • SHA512

      68cd9c94aa9c14d2c4f92ada2a0e0a69bbedc91e945319ab1d3d476c0a1b61be5349c6bf0ce2f4287639c6602cdc171429ae06ab8079f322aa34ad5c1353451e

    • SSDEEP

      12288:u3vdFJNBvjardreypR5zqJIOxiJTSiDcWQEY/HNXVjGU5pUT+e1UNm5b22EEyynk:uxSr9xKI2aZz4Hp55KT+e1UgbaynjP6p

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Target

      taobaoBatchEvalue/淘宝批量评价助手V1.0/KeyGen.exe

    • Size

      8KB

    • MD5

      121520551335f823295cbb4c0fea03b7

    • SHA1

      29eb50fd89b7494c7498405cdba3c450744b9e58

    • SHA256

      bd45af206a047ca4765f77202505f05703c19163b44b4f2a645be1e14e07d0c3

    • SHA512

      4221462fc769c279f5a0f72328291100bbeaece87c3f582e0a283f8441fa43a8dc2b701972885fef7b9fc99b675fbfb0b0af99b6dc8319080333fd7e0f765e3c

    • SSDEEP

      96:fzqOn2Rx3QKllQ5X4qERjsbNGTmunGOtJyg4DBim6Vx499k8kdf6t:bk3Q7sAEmqzKDBF6ikd

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      taobaoBatchEvalue/淘宝批量评价助手V1.0/prof.dll

    • Size

      16B

    • MD5

      df90edbf18864bef17389b8bd54b4e85

    • SHA1

      71ac1de70be0c40f0e524c55bf69d3219503499a

    • SHA256

      c96a05fb59c390ee1d4243a07a26fbb55c62afc94afc34527ea9788200d39b8f

    • SHA512

      456d255fa8e4f009affcf96bcd2a20582d85187534749a67ae29dfe9e0732b01b3dee59f359b8adb2b21affbc14f8f9778484f746cda9f39b876c538a8dcc8cc

    Score
    1/10
    • Target

      taobaoBatchEvalue/淘宝批量评价助手V1.0/upscmt.dll

    • Size

      24KB

    • MD5

      2ecc2f93d934a253b83fd772b4a7be0d

    • SHA1

      c7a45f15f0d72da110e42a3b6a291fab68f76df8

    • SHA256

      b2f30c7426971bd0e6e8d71bbffb080a7c26c616477d8be36a792d5973225c1f

    • SHA512

      844d0e89369ffe4d5a3ad3b5dae4307ba294fff4fff624631e34e1ea4820cc0e08be79c6b1a90d98d6c4585c1b2d8d11ba291e57ecf4648def9a4d1b401abcf9

    • SSDEEP

      96:16oj4VDFhVzGJtqOUoN4us727mL727ByG2UuI0WiansdIV7MC:1AVFhVqJTUog27m327BybUR0TasdI7

    Score
    3/10
    • Target

      taobaoBatchEvalue/飘荡精品软件.url

    • Size

      121B

    • MD5

      51443532cefd342f1f97d6f7d3c27e3e

    • SHA1

      3554a5defe7a5d0edb5a5ef4629aabb49a9be10b

    • SHA256

      052bf134ad493468afa3e627e70b36c83278d94fdd4284afffe99a7d3462ae36

    • SHA512

      bd26ccc6517f3fe6fcb4e65b2f703dfc05ab216e5244ffa73d03b2f24ea39a65751850986ae0ba460280aa8b8535b0d6b956f97fee82cfe0e3eeec12ab04f373

    Score
    1/10
