General

  • Target

    7bedb97f8d7696215bdaad9a743979047c71a798d737c4176af4c04f2bd1a5c8.exe

  • Size

    338KB

  • Sample

    240409-yr75msgh45

  • MD5

    4e41e5c0337518e0af73d40dcac7fe28

  • SHA1

    2d0aac986459b1cfb11a3d80154053553bc43523

  • SHA256

    7bedb97f8d7696215bdaad9a743979047c71a798d737c4176af4c04f2bd1a5c8

  • SHA512

    9e7302d2332e093d598bab3c8292d84a240144d04889c42c39b3b2d76f6f8da70ae695d13dae5b1cd2377963a375121531237412965d8f05eb484422cb324196

  • SSDEEP

    6144:b5/YZ58drqrhGcbLhmvjSN6jZhixVK/B/zkXudeM:b5/Q58drihGiLhmGNiZsx0B/zkXoeM

Score
10/10

Targets

    • Target

      7bedb97f8d7696215bdaad9a743979047c71a798d737c4176af4c04f2bd1a5c8.exe

    Score
    10/10
    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
