General

  • Target

    34ec01f1e7203721896295bccd79a737962db6e47d9090fb6b78234a91be5cb5

  • Size

    213KB

  • Sample

    240501-y4ph3aaa33

  • MD5

    270bf9fb320cfc6ef65e5266e2cf2474

  • SHA1

    d11a9e1661afca4b1803272436b500c266c13f6b

  • SHA256

    34ec01f1e7203721896295bccd79a737962db6e47d9090fb6b78234a91be5cb5

  • SHA512

    4724997b647bd7a1cf75c58be0da4f5019af46878b3b004c1378ca3bb3474c9087b907b625958ffbfc11454b6c439d94d7232b47d84297a947374138f23a270b

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFIi/0RU6QeYQsm71vPmc51+GqekBJCvr6zJBUmABvc:n3C9BRIG0asYFm71m8+GdkB9EBE

Targets

    • Target

      34ec01f1e7203721896295bccd79a737962db6e47d9090fb6b78234a91be5cb5

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
