General

  • Target

    b8dfc5ed03ddfa5073ea245dd4f8a3957004c8f745eca64c92431650729c9a16

  • Size

    366KB

  • Sample

    240307-3pcceahd75

  • MD5

    02f045f3b7bb7ee410e65cc95131c7f9

  • SHA1

    a155d58ecabd7e6d1c6ffe3dd3cd9f1914dbad01

  • SHA256

    b8dfc5ed03ddfa5073ea245dd4f8a3957004c8f745eca64c92431650729c9a16

  • SHA512

    3d0a1bc8f4fb059ebe106d5a736cfef7d96ce2e28bdb886876217b9b67b59c725fa1bbf9c39ce0f28df9b63cdbb29b3fcac953c4ee3b94df5e9f5a85e7a4df9f

  • SSDEEP

    6144:BSfSHl+gv5gY1F53Aul/Egv4+E6qnwEGvIkJ7G9P1V:B2SHl+gv5gY1b5Eo4+EsEEIkJ7G9P1V

Score
10/10

Targets

    • Target

      b8dfc5ed03ddfa5073ea245dd4f8a3957004c8f745eca64c92431650729c9a16

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
