General

  • Target

    5642ce0610ec996456c14ae3842ea073cb0b9479d8c67cc2fb564b21bbeb7e52

  • Size

    94KB

  • Sample

    240430-14b9vaha8v

  • MD5

    11638ac20d762b986002e50c98aeca3a

  • SHA1

    62e10283c47adaebd9fee7367407e57d3770f839

  • SHA256

    5642ce0610ec996456c14ae3842ea073cb0b9479d8c67cc2fb564b21bbeb7e52

  • SHA512

    e4ecf8573a977eff18954511f769221be0954a5d7504bb3628d32d20dae69dff1c63358dfbc274f2f96ddd6ecd41a2039e1e2b44dcff720b78dcad1fed334580

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDInWeNCYGyA2R7JxJAg8dtQl:ymb3NkkiQ3mdBjFIWeFGyAsJAg2Ql

Targets

    • Target

      5642ce0610ec996456c14ae3842ea073cb0b9479d8c67cc2fb564b21bbeb7e52

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
