General

  • Target

    1a0e6cfcfc2f7d4a6b16379bbb9766ff.exe

  • Size

    487KB

  • Sample

    240517-rlzgzsbe77

  • MD5

    1a0e6cfcfc2f7d4a6b16379bbb9766ff

  • SHA1

    d52c725777497a0cf55e0350b0a5509e5cb436ca

  • SHA256

    d36da087aefd30d3caa165a61fd3204168d08a7f55d7afd0b53e177da1940d80

  • SHA512

    0ae290c25d8a195026fb32edf2556d7e016bcbe87fa41bb08c179bfcfc21084f4f9bb90ffeaf2b40aeb80936bad5c1e0353c0fd7f2119e8a3afb6f21b0be9c63

  • SSDEEP

    6144:n3C9BRo7tvnJ9oH0IRgZvjkUo7tvnJ9oH0IiVByq9CPobNVS:n3C9ytvngQjgtvngSV3CPobNVS

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
