General

  • Target

    3b1a81a11939cc387ec62da44cf94e0e90927777b28666b0f78dfe40cb588cfe

  • Size

    15.7MB

  • Sample

    230824-2fmw4sfh98

  • MD5

    a000a7f764b67967348a6e5333ef9533

  • SHA1

    b0c008f28a5f3c75cee2a1e700a1957ac11053ed

  • SHA256

    3b1a81a11939cc387ec62da44cf94e0e90927777b28666b0f78dfe40cb588cfe

  • SHA512

    133bd726ef8c1f6a1ba0c106cfb3efcf69ae661e3011eaeadc9f764a9d847c67c10f99129f3ea7f3b56eeb5820f00c7bef92967fa815d273936aab491a945327

  • SSDEEP

    393216:5dGls9tsz9bwRrZRY0IFWIIyNTUdxAVhSGbbe86l:zGu9+z9ERZRg9IMTUdxUUGby1l

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
