General

  • Target

    09b5debc4bd0e7760ba7bf6faa93268285cafa004608fe2735cba1b6eb0836a2

  • Size

    823KB

  • Sample

    231007-j67p4aaa5s

  • MD5

    b255c4c0c3379db4b2afe207c90aad92

  • SHA1

    1b746283ad6e2a538048526d6bfe2ca044cc7963

  • SHA256

    09b5debc4bd0e7760ba7bf6faa93268285cafa004608fe2735cba1b6eb0836a2

  • SHA512

    067c05f1ba932e4658856afe4013eb4b30a0a3e7559cb52c481bc975e69903c06ebabd44cc89ce6e821cb4bf746216e23177ca98c975f1a0bd18328f217e3ec3

  • SSDEEP

    24576:iGiZm/gubF8j51far6VJ+xcVW9zh7afqxs1OVTcsBvwnmkvqPo0lTs:i8/LLZrlTs

Malware Config

Targets

    • Target

      09b5debc4bd0e7760ba7bf6faa93268285cafa004608fe2735cba1b6eb0836a2

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Sets service image path in registry

    • Stops running service(s)

MITRE ATT&CK Enterprise v15

Tasks