General

  • Target

    26e33b656bc4806821bbf6e0854f4308.bin

  • Size

    805KB

  • Sample

    240510-bdff5scg69

  • MD5

    26e33b656bc4806821bbf6e0854f4308

  • SHA1

    5679e4f843f8de0125efd20ce7bb32117682a67c

  • SHA256

    d64f49dc0f53e5deadaee8bf403d76bab9838effdcb6e4aff485f23745a041c5

  • SHA512

    8927ad20d79e74b760bc680d54c8afd8f5e7e139ebcb5991e2f44b4ac31b2bb1767ef357cadb9930a34fae8cb842cc5ad281507c2ad90d1ed536f50c3c06ecc2

  • SSDEEP

    24576:Hd/4E1TAPJZgvtbhSQhAtuRyeiQYgBE/2h9:Hd/LpMSlbPh/tBVh

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Blocklisted process makes network request

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
