General

  • Target

    7b7899b716af73a54fc4df4779af45ea9a2ebc7f99dae45c60ce848836b01747

  • Size

    50KB

  • Sample

    240424-wdpp2aec45

  • MD5

    ac0712a576051b3727756c91affd80ea

  • SHA1

    fb03adaa3632cab4b9c47f85873d0551d8163e3b

  • SHA256

    7b7899b716af73a54fc4df4779af45ea9a2ebc7f99dae45c60ce848836b01747

  • SHA512

    9b22bf431af97a784aaaa51ba2506ee03019891a85506bb765e546fee952793452957dd731e9b433dffa96f8d3a8bb40169502108c22a99135b435da10023bd3

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoYuA:ymb3NkkiQ3mdBjFobA

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
