General

  • Target

    0057f5981340c395f2aadb5470fdd417_JaffaCakes118

  • Size

    71KB

  • Sample

    240727-y74gdswdrp

  • MD5

    0057f5981340c395f2aadb5470fdd417

  • SHA1

    938b64cd08a98e85e84c7833ec6b6f42df24eeca

  • SHA256

    52fdb89aff0058aea86edb849145f59dfd1ad6cd418f92fa6288cef8e95b1583

  • SHA512

    0da1626910f368be776b26dd4bb5598b865a5a600970f58d963164c26485c8471880438183aaebf817081ea15de2df41498cce0daa75be3855a529136e988baf

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIuyldHinxpifW6WLT65W:ymb3NkkiQ3mdBjFIuyldH+keL+W

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
