General

  • Target

    028c427d409a3ac2182e6fe0e0c1f48b_JaffaCakes118

  • Size

    337KB

  • Sample

    240727-3jrvxavclm

  • MD5

    028c427d409a3ac2182e6fe0e0c1f48b

  • SHA1

    6c4c4eee217a02db28969604f574654d64fe82bd

  • SHA256

    1580324e54887ef6f3b575948b976f642385cddc88efff044239f23165214f81

  • SHA512

    25bd779fa6de71e03d23a353e8098242583cecade8ca0b9dffcb4eacea63bda24b1a55f0c6ea1fc35cc08d1969fe1a17ed871b6b4e1d8065420301267c99d960

  • SSDEEP

    3072:PhOm2sI93UufdC67cihfmCiiiXAsACF486j8ZAc:Pcm7ImGddXtWrXD486jHc

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
