General

  • Target

    a43dc91b3beb7bf3275cdad059683b1bd2a1d9202529f4f9446f02da719af054

  • Size

    383KB

  • Sample

    240601-bvbvaach2v

  • MD5

    45c6ee5c01e868751da11a2f72e69999

  • SHA1

    439d36161743dbe12eab1aca8c857a4e3fff362e

  • SHA256

    a43dc91b3beb7bf3275cdad059683b1bd2a1d9202529f4f9446f02da719af054

  • SHA512

    2b9ce2c036bf50e00de39678016cffdf281b727d5d66aa147bafcee9259754b6a30f7f3a400639dde0942054d063572991a6da8d2357d0a1dbc2be065d421895

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73tvn+Yp99zm+/KZBHqL3yeHmlwe+axBcot39vUDbYhzod03:n3C9BRo7tvnJ99T/KZEL3c5BTkPXKpv

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
