General

  • Target

    65327b0b5289419b2f2f880c57ee6b7c8e338e892a1c6855b9733f1615c502db.exe

  • Size

    275KB

  • Sample

    240530-fgf93agc36

  • MD5

    1d4853a68bb3bcbd4ee3274da32641c9

  • SHA1

    3395b2ffaf240b845f5f30b02e92edd914f92f14

  • SHA256

    65327b0b5289419b2f2f880c57ee6b7c8e338e892a1c6855b9733f1615c502db

  • SHA512

    25ecc8443195116e59797cc490582fd582d5807067c02c24d0787c7adf410968de944e753f9441c46baa2b067f3feb9c464a73ba33616b480bc17a033ff6c289

  • SSDEEP

    3072:8hOm2sI93UufdC67cimD5t251UrRE9TTFfl:8cm7ImGddXmNt251UriZFfl

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
