General

  • Target

    02c27687ebd579e7c03e54637e9de742_JaffaCakes118

  • Size

    419KB

  • Sample

    240727-3r1ssaycre

  • MD5

    02c27687ebd579e7c03e54637e9de742

  • SHA1

    c599702da6e7e634506289b347b40597b7983147

  • SHA256

    c728f253c618bae5809011866dc1cf34ff0af6e434251d122e9784671ea191ae

  • SHA512

    ef305b2c5759baaa1ec059dffee2e791e38e9cb8238aad345f6c770146546a9184a4fb2026bcebf9e96d2ed14daa6da47d42d819403ba1d7d684796cdd6ff733

  • SSDEEP

    3072:8hOm2sI93UufdC67cimD5t251UrRE9TTFwD7arnDX+X5l5xb:8cm7ImGddXmNt251UriZFwfsDX+XtR

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
