Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    8cff408dddc4daa4050b094d1b6469d2_JaffaCakes118

  • Size

    199KB

  • Sample

    240602-fxca2scb7z

  • MD5

    8cff408dddc4daa4050b094d1b6469d2

  • SHA1

    aac4e71e0e3515d12d9d1a1a519cf6b9fec2b7cc

  • SHA256

    055d9cdb2a7d7a37d14ae8a2156ac97ba03f855069a8b246e794b0a18079ff0e

  • SHA512

    d8e69dbc9e80877114411b9fc845d87e72fdf5e9d55b51f5bf4a1b59a5b4e035160aa34879306a39efae368f40180484ce074ae3ada68a71ae38d070a3da969c

  • SSDEEP

    1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqyvU2r1vsKM4lte:PhOm2sI93UufdC67cihvH1SD

Malware Config

Targets

    • Target

      8cff408dddc4daa4050b094d1b6469d2_JaffaCakes118

    • Size

      199KB

    • MD5

      8cff408dddc4daa4050b094d1b6469d2

    • SHA1

      aac4e71e0e3515d12d9d1a1a519cf6b9fec2b7cc

    • SHA256

      055d9cdb2a7d7a37d14ae8a2156ac97ba03f855069a8b246e794b0a18079ff0e

    • SHA512

      d8e69dbc9e80877114411b9fc845d87e72fdf5e9d55b51f5bf4a1b59a5b4e035160aa34879306a39efae368f40180484ce074ae3ada68a71ae38d070a3da969c

    • SSDEEP

      1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqyvU2r1vsKM4lte:PhOm2sI93UufdC67cihvH1SD

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks