General

  • Target

    HEUR-Trojan.Win32.Injuke.pef-7925d45cc967dae9833291616e782d799652625ae9d507adf7f2fc69d65b91b2

  • Size

    210KB

  • Sample

    240229-j1wewabb31

  • MD5

    56e5c7ea909d7c745a4fd29fedb213c8

  • SHA1

    dae65fadfaad427c37422ef30543551e8b632c3d

  • SHA256

    7925d45cc967dae9833291616e782d799652625ae9d507adf7f2fc69d65b91b2

  • SHA512

    ecb3ce14b288e39ec72b3393ab0fd669ea37686cfa715e5197cf0cbc57f73e53b7e4a803ad2a19a33ea7a01e597d0cd37afbfa5fffc0c9993e4d0c213db33828

  • SSDEEP

    1536:wvQBeOGtrYSSsrc93UBIfdC67m6AJiqQfg3Cip8iXAsG5M0u5Yoz:whOm2sI93UufdC67cizfmCiiiXA6mm

Targets

    • Target

      HEUR-Trojan.Win32.Injuke.pef-7925d45cc967dae9833291616e782d799652625ae9d507adf7f2fc69d65b91b2

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
