General

  • Target

    95402a7963d43979e500d1c5b4c7f2f4ce044365bba0d179b518a6e223232322

  • Size

    5.3MB

  • Sample

    231012-nh1dbsfe5v

  • MD5

    45387c4a6ba7391660d6bc2536b7bda7

  • SHA1

    6fe408687b0472d8c98bf4c98459da243b019c78

  • SHA256

    95402a7963d43979e500d1c5b4c7f2f4ce044365bba0d179b518a6e223232322

  • SHA512

    ee9787eb1168de99693281e1c7bae860f81350a41a9df50cce5cf64a208ca091160876c042389f52065b1268164d534eed20d62f9f6776fbc535bfe6f5943984

  • SSDEEP

    49152:RzbFSZ+5hGBcFLbWf3SFkbn0DRcdczEG6VisMXz53wJWqb2NA:RPkZSwBcFLM+kb0DidUEG6VisMDEONA

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
