General

  • Target

    8e43195b9b495c922ce810bb22c1f171_JaffaCakes118

  • Size

    90KB

  • Sample

    240602-qybq1sdg7y

  • MD5

    8e43195b9b495c922ce810bb22c1f171

  • SHA1

    da399f7e07ba2f34e0a5b3e3ae0bb66e5a3ee84e

  • SHA256

    45597e98830ae5fadd3476b518593b79b7f880422c4cc69217aa8cf27fda8fb7

  • SHA512

    9f0c2ed0b1b6583202d0b1fdb1f380ea46b74cb48ab9defbd5626b0b476ae32fa49ad27343cc02027fb0b5a2b856bd6fb0ffd89158d441aef1f2becdb85bf28b

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDWiekja1br3GGBxfot5lmKaZNkQ0:ymb3NkkiQ3mdBjFWXkj7afo4ZEt

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
