General

  • Target

    64ecd1dbfc6ffc762ccd413d10e6348db80794ce5e8baa6b87ef25480207d1c7

  • Size

    15.7MB

  • Sample

    230828-ha5eesgf94

  • MD5

    7bbc0c9ffe49bcbd02b28e21d92fb691

  • SHA1

    7bed808549afcbfa3147cfbca3bef39fa5ba7438

  • SHA256

    64ecd1dbfc6ffc762ccd413d10e6348db80794ce5e8baa6b87ef25480207d1c7

  • SHA512

    ad21fa69e11df687ea7fdd9c5757c760265f44102f9356741694792bde993062a75efef204e00c2910bf9b105f921ed69c21250ff9e7ac9617113c0dbb342515

  • SSDEEP

    196608:7Pr/SXRLQc3F5Rq056oCvnc5mv/T3MM38rj+Ao6J4277FKPiEkWcuZENeMm7BtoC:7Dag0v5mv/IWmaf5+7aCZuy4M/UXz7B

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
