General

  • Target

    fde1db7cb69fb22b8b7421d61ac8bc58bfd7fd2ad13daf614299441dc0302cce

  • Size

    61KB

  • Sample

    240502-gngpvacg85

  • MD5

    d7efd1ba109c208083f1ade1bdd94323

  • SHA1

    5c6825e692d6249541683b012499498ee6d3f351

  • SHA256

    fde1db7cb69fb22b8b7421d61ac8bc58bfd7fd2ad13daf614299441dc0302cce

  • SHA512

    a45b2cd51c76b23a4b86b1f8a48c76f3fb88fdef61ff97edfa650d17acba5678a77e0ca0f4bad3f9f56b4fbecb3b32c5952b5c9316ad37997a01e8c860ea6c64

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDII9ZvHKEo:ymb3NkkiQ3mdBjFII9ZvHKEo

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open source UPX packer or a modified version of it.
