General

  • Target

    5b97e0d370483008f8fb608bd276f5591197923f922ef7323b96b26d904641f6

  • Size

    4.9MB

  • Sample

    231117-hfsmtahb2w

  • MD5

    83bc64c73bfda04bd343a72e62cb30b8

  • SHA1

    19f58e31545195e766a4c685ab6b6990758d6f06

  • SHA256

    5b97e0d370483008f8fb608bd276f5591197923f922ef7323b96b26d904641f6

  • SHA512

    17da0ef2b8508707c76dcb1e97c71990225ba4d83d586d319883bdf3ede880d09ef1ad54273492749515f0680827a11d582a6f368c36930178dbf0225cc6dcb0

  • SSDEEP

    49152:z1MZu4jp8g+Y4o5unqoLoe3XNs41s4c+z53wJWqb2N/:5MZu4jcSuqoL939s41s4cQEON/

Targets

    • Target

      5b97e0d370483008f8fb608bd276f5591197923f922ef7323b96b26d904641f6

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
