General

  • Target

    2023-08-26_d90021fc48fd97fac984b3b46b5f0ae8_icedid_JC.exe

  • Size

    4.9MB

  • Sample

    231010-1qqv3sfg52

  • MD5

    d90021fc48fd97fac984b3b46b5f0ae8

  • SHA1

    8fc27b0ffa7fd406c1aa8c625eabf38114941d5c

  • SHA256

    561856dcd8d3974947aeda7ea22f8338d570c65b777ce7bfc6088b28dd75bf4e

  • SHA512

    e561464d5939e38ae3496ffeb2cb4ec4755efd87ef3cbb7c17e4cc4d1b73825b1ee5c1464774eb3558ff3f73ffa30ed50b1cb45ec1b11ee66f9b7f994728e68b

  • SSDEEP

    49152:ZV+eXurVUM0mk4AIa/qWrPz53wJWqg2NA61Ai2oB9Kgk6EaXtgjMdHCX0lfAlAvN:r+AWVUBPdqW3EJNXSiLKwESgjMxSjkD

Malware Config

Targets

    • Target

      2023-08-26_d90021fc48fd97fac984b3b46b5f0ae8_icedid_JC.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.

    • Drops file in System32 directory
