General

  • Target

    a4aead48c90df3cae46ea45e909ad6d8ebc87ccc75455e6b07e7302624711ace

  • Size

    15.4MB

  • Sample

    231011-t9fqwscc57

  • MD5

    2da8c4b8e832922633498af511147060

  • SHA1

    3ca21cf5bd3f02a091ab7ad33b3e02a8639499a1

  • SHA256

    a4aead48c90df3cae46ea45e909ad6d8ebc87ccc75455e6b07e7302624711ace

  • SHA512

    6ab904584c275406c96855536568cc2dff80a902a8d96d646e766f2bfdae5226d213b0a77a62a30c3f614111042e70d385fcf53ab7dc3a3033a46cd92542b06e

  • SSDEEP

    393216:rp8kJfML4vyJpSYTp5Ijhpe16uqB2fqgQyvKmmWTBB:r2CDyLTEVrucmqhRWTj

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • VMProtect packed file

      Detects executables packed with the VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
