General

  • Target

    9a3469cd99a838abfaa4bd8b4f014ce0c976385175965828f4c42223d26e311c

  • Size

    149KB

  • Sample

    240525-bllywshf27

  • MD5

    72d0d2fac5289c067cafd5da1e10e378

  • SHA1

    12c5e4d358ac7f76b79c4895b2870317f79bc62a

  • SHA256

    9a3469cd99a838abfaa4bd8b4f014ce0c976385175965828f4c42223d26e311c

  • SHA512

    3b22d763e729ad6d54816d946463c6c583d4e9a121abb00536454d4e797ba0ad386c07d4224a74ddd9d3496c55071dfaadeba0354b99de2daeb8de9f154811a6

  • SSDEEP

    3072:khOmTsF93UYfwC6GIoutpYcvrqrE66kropO6BWlPFH4tz:kcm4FmowdHoSphraHcpOFltH4tz

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
