General

  • Target

    7654dca11ee0642f73b6d68090909503_JaffaCakes118

  • Size

    2.1MB

  • Sample

    240526-wlkq2sff29

  • MD5

    7654dca11ee0642f73b6d68090909503

  • SHA1

    e9e2ca01844b6b275bcc0ddee1fe0f879cfb6686

  • SHA256

    a84d7f83a5b5199669aa33a2a222dddfbf43b3186f7496879c763761b7a8ab90

  • SHA512

    4a1f2caa943e977cbdd17294a325e6819382afb40e0b981c5c4647c6983857ea4fd60e7295c78ab58c30a34f28e824592ea500f2785030be7a5249dee9da518d

  • SSDEEP

    49152:0aO/m89BoER672+mD0byyKiNGs8CYVuJpOoMQFv+oBYay/tl:fe/UEUyDobymGNhgKoBI

Score
10/10

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger
