General

  • Target

    539162b8cb67fedd37b9a100ee4726f29e247b4508e38c7f15ecb0cf97854994

  • Size

    88KB

  • Sample

    240405-1d62jaea74

  • MD5

    6cfc779b04fce1fdd01d26f556ce007b

  • SHA1

    42cf6538f8ba94392183890f98041d23674c3caa

  • SHA256

    539162b8cb67fedd37b9a100ee4726f29e247b4508e38c7f15ecb0cf97854994

  • SHA512

    382ec0b9cf8623a806e54e5008d610d7dd7b87182783ac7674e62a0b5a281531b15c11f148959c50af14f4044ec799469abc2be522c937cfb59ed027fa1a98d4

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDISoFGDvPGB1haZJK:ymb3NkkiQ3mdBjFIk7+czK

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified version of the open source UPX packer.
