General
Target: JaffaCakes118_0a349abbbfb6cb045229e675ea9ea8bf
Size: 168KB
Sample: 250220-hct2gazqx6
MD5: 0a349abbbfb6cb045229e675ea9ea8bf
SHA1: 20cf2b0219d8d4e5e9082087c7daf1737129d96b
SHA256: 64252534e79c546248987c5a9096880532f3a2e3f2a5f00209c6572fe8269dae
SHA512: 436661b8c117df80e0b9f4a76df1f3cc7d647888f75ff4ce58e94a96b693d9594badd0dd44c4aead831dacd945dd58ca6e13fd19d193b462d338c078b2c549b4
SSDEEP: 3072:CNl7SBsqlxjXZcTNxzXxKHwrn6sjJE1N/X8bKODeOgesjjKHolrMRNd1uF:CNIBhXQbzxKHw2IJuy+OeUkKHolrMZ8F
Behavioral task: behavioral1
Sample: JaffaCakes118_0a349abbbfb6cb045229e675ea9ea8bf.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: JaffaCakes118_0a349abbbfb6cb045229e675ea9ea8bf.exe
Resource: win10v2004-20250217-en
Malware Config
Targets
Blackshades family
-
Blackshades payload
-
Modifies firewall policy service
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Active Setup: 1
Create or Modify System Process: 1
Windows Service: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Active Setup: 1
Create or Modify System Process: 1
Windows Service: 1