General

  • Target

    f87b81b42e24ed78cfb379a2d24d4a30b3c4357eab0d333d549b86ddfbeee2f1

  • Size

    81KB

  • Sample

    240320-cprh8aec87

  • MD5

    a12a12aca94ab5a3e2d627b04d2b4ceb

  • SHA1

    2f96486a235e39a4fc3fd6be23fe6c3aa9c8f822

  • SHA256

    f87b81b42e24ed78cfb379a2d24d4a30b3c4357eab0d333d549b86ddfbeee2f1

  • SHA512

    ac223d8a38abb683aacf9a767be955a6e98ba2c0e2a9cc1ae2ae23fa685d4def471b37a17c86b6edbdbc7d1db277aaeeb1bf22d358d4707d8be09bc47b6e1c48

  • SSDEEP

    1536:CvQBeOGtrYS3srx93UBWfwC6Ggnouy8AelS7/7VIQY:ChOmTsF93UYfwC6GIoutAe07zVIZ

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
