General

  • Target

    af7f0b212e9db53792fb7aacbe64f2b99e44eb735e666b60fac16cec9e225cf9

  • Size

    87KB

  • Sample

    240508-b6zqgsef53

  • MD5

    f8bbd7b634a2ae5149184cd972f2ee97

  • SHA1

    553890ea5944beb6a270d185d3747acc2b4a7742

  • SHA256

    af7f0b212e9db53792fb7aacbe64f2b99e44eb735e666b60fac16cec9e225cf9

  • SHA512

    e0118a67ae84a099649997f967fff17e146a0b0102d123d9362007660d539f91033887a2cf04e81a603410932efc763745a4a924a7d94c794c2647cfa2908326

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoLU1grORPfr0k890C0:ymb3NkkiQ3mdBjFoLk8Pk890C0

Targets

    • Target

      af7f0b212e9db53792fb7aacbe64f2b99e44eb735e666b60fac16cec9e225cf9

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
