General

  • Target

    485b9caa8877796bfe8e2f6ec1b1dff734859dcf59defce3ddf7545936e1e0aa

  • Size

    700KB

  • Sample

    240310-zrnlnsbg48

  • MD5

    1e61ce646d69eab32936d6ee9041f845

  • SHA1

    c8ce9fb6e26ddd9e35afece391f9f46568e863cc

  • SHA256

    485b9caa8877796bfe8e2f6ec1b1dff734859dcf59defce3ddf7545936e1e0aa

  • SHA512

    04f316d195d790099180bb56cd4b728d4da0fb35c490be992acaffce56509dd4e2169e58f47c083b1dd1b0ae21922e2dd42f630bc52bff41b708d7ef6d03e143

  • SSDEEP

    12288:zJB0lh5aILwtFPCfmAUtFC6NXbv+GEBQqtGSs9U3NL9Wz:zQ5aILMCfmAUjzX6xQt9U39s

Targets

    • Target

      485b9caa8877796bfe8e2f6ec1b1dff734859dcf59defce3ddf7545936e1e0aa

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
