General

  • Target

    e3ba5bb057ea8d27bd39fc4d8b607c8c51c5021ec10d5bcf011866317fdc16c6

  • Size

    3.9MB

  • Sample

    221014-y6kmwsecg6

  • MD5

    9a05d32a9e7fedce9c4fc8cb0afa966c

  • SHA1

    46791e12d3471d9ccd012a9ed52be43dd7a2b8a9

  • SHA256

    e3ba5bb057ea8d27bd39fc4d8b607c8c51c5021ec10d5bcf011866317fdc16c6

  • SHA512

    ef643a5ef313505a0f6b5ca5f4e9635b7d8534b507f129aad61b0b31e2011a44248dd50f7f808544c7c06e8783954d510ba1de175332607a067486d59119c074

  • SSDEEP

    98304:ziSacGY85ycuvTZ6Er4v/YBYSnFP1GashgyiIqoXKkV6:zPZG3y9lEvsYS51ZshgyiIDXKkV

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Loads dropped DLL

    • Drops file in System32 directory
