General

  • Target

    feddd86c5516e10ffa7c76158734f4a809cb3e67c42e7a737d1c0e72c8fceb3c

  • Size

    94KB

  • Sample

    240528-q1yzbsfg6x

  • MD5

    8d8b90c4e3754ad32505fc40989faaaf

  • SHA1

    a95db69036b984a8e9be3a6a9d157228d2c14943

  • SHA256

    feddd86c5516e10ffa7c76158734f4a809cb3e67c42e7a737d1c0e72c8fceb3c

  • SHA512

    cc96e0b5743026521f49300302ee7e582e1e3034fefc709f69a3330ef3c98c815ec179e0f57e68e56c1d005b19ee891c4df19d356409b488aea42ef621180d34

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoLuePjDYlR3hnjKXIQSe9oEq:ymb3NkkiQ3mdBjFoLucjDilOZhoP

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.
