General

  • Target

    b9fb48963b32c73b9364cd32daec47767777caf84b947466fc591422f4430f6a

  • Size

    139KB

  • Sample

    240415-crf59sca42

  • MD5

    78e8705be8c17f1ca1d8bbdca4c976e9

  • SHA1

    22c53c6c9901edc845ec78c81bbc5521901db949

  • SHA256

    b9fb48963b32c73b9364cd32daec47767777caf84b947466fc591422f4430f6a

  • SHA512

    2936cbafa3a94b8a1481032a5af5095579d7b0340a920762a5f91f360ccbcaabbad5875732ee0d564b2adfc270374c360279f26ef14d71b5f362e14a22e7936f

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFomR7UsyJC+n0Gsgyek1a:n3C9BRomRph+0GsgyeYa

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
