General

  • Target

    0c9a957b19227b48aa802652461b525fb9dd7654a5d057cc390d3f560e150ea7

  • Size

    540KB

  • Sample

    240530-xbb7laga5y

  • MD5

    19a082720cae7b5ea2832a528fb44686

  • SHA1

    d06c5bec3e9615f7096eaf9ce2c5defe4ff1b35a

  • SHA256

    0c9a957b19227b48aa802652461b525fb9dd7654a5d057cc390d3f560e150ea7

  • SHA512

    70c4472ad11b372288660b79baeaa5efd83bc45ecec9972e80f49acd075b17d3b1a054536a654d9a5c73c31bf4b593bae490eda288c1806a518f0d8e5d4f366b

  • SSDEEP

    6144:Ucm4FmowdHoSEsIR7DsFhraHcpOaKHpXfRo0V8JcgE+ezpg1xrloBNTNDoD7:i4wFHoSEsIR7seFaKHpv/VycgE81lg8

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.