General

  • Target

    02848ebce4b029f3e52e9e8970619c0926cc9873c41219b29a4d5b34aa3944ea

  • Size

    391KB

  • Sample

    240404-wqt6aafa26

  • MD5

    4e548f5ac10e46c7bbe23a9f7a866943

  • SHA1

    cc2aa4be784acdaf20ffe6d975ca5cf9329b17e5

  • SHA256

    02848ebce4b029f3e52e9e8970619c0926cc9873c41219b29a4d5b34aa3944ea

  • SHA512

    4fa5c7aa60bdbfdbcc5c23ff5ebdb97653a3eec52666a1c87e48791d187bce7823d4c4044353ad8f47aebcb0032854c334b2fe7a361fb0ed94abe7e853ed862c

  • SSDEEP

    6144:Acm7ImGddX5WrXF5lpKGYV0aTk/BO0XJm4UEPOshN/xdKnvP48bmbn:m7TcJWjdpKGATTk/jYIOWN/KnnPqn

Targets

    • Target

      02848ebce4b029f3e52e9e8970619c0926cc9873c41219b29a4d5b34aa3944ea

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
