General

  • Target

    a7bf533f1a90f5c4e34b6aa212b9fe9b3930a067e6286944a905dbed2196a700

  • Size

    186KB

  • Sample

    240319-3d482sad52

  • MD5

    38be3a5adb22dcd58d4ef375b1953947

  • SHA1

    fa18c2f8b8e125bf1ad55172c2fdceaa87a77607

  • SHA256

    a7bf533f1a90f5c4e34b6aa212b9fe9b3930a067e6286944a905dbed2196a700

  • SHA512

    52ee0069b54a1bd644884e82ca01f4ae4b432bb12451b7b8f77ff6fcd8d53a537379b1cc0dd76fc82364ec90ce21b96298be5799d27816662034ded4b563c43e

  • SSDEEP

    1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqgT4+IJJIBbS:PhOm2sI93UufdC67ciJTmEbS

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
