General

  • Target

    507703086a714cd398fddd365702e2cd369e0781b7af82bfbaec57b3d970fab1

  • Size

    286KB

  • Sample

    240315-yka7bsbf43

  • MD5

    b8ed05150c2acc7cd9502311a5afd1db

  • SHA1

    80cb53289df483e6481985cf1dd25e55fd581d44

  • SHA256

    507703086a714cd398fddd365702e2cd369e0781b7af82bfbaec57b3d970fab1

  • SHA512

    4671952efd651eb8a1d058185e139f9151af6dddac1d62048342543a4647d09f59ea4ffe95d4308018ea7fda5e578cdae0b331f88d8df64d18bbc37f1f237cc0

  • SSDEEP

    3072:ThOm2sI93UufdC67cipfmCiiiXAQ5lpBoGYwNNhu0CzhKPf:Tcm7ImGddXlWrXF5lpKGYV0wh6f

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
