General

  • Target

    538304a2d2a3cd7df1a65c58c0aff5d8a9af3fb6927fb7585b1c56bac23563d7

  • Size

    66KB

  • Sample

    240326-yxm2nabb75

  • MD5

    06e34745e99bfca497f02c077302053c

  • SHA1

    8b53741dcd22f671ee8fd41b6644b40a4b6822ac

  • SHA256

    538304a2d2a3cd7df1a65c58c0aff5d8a9af3fb6927fb7585b1c56bac23563d7

  • SHA512

    e0a75f66d7f986af50ce656c449abe2408f893c1ce68247da7973c7926e1e6f346b8615e707dd6c02630c226201a0a352cb9c08241157c51c969b6825035fbbb

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND+3T4+C2HhvjRZbQ6:ymb3NkkiQ3mdBjF+3TU2HhvV66

Targets

    • Target

      538304a2d2a3cd7df1a65c58c0aff5d8a9af3fb6927fb7585b1c56bac23563d7

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
