General

  • Target

    1c14ddbae36b721c5e1165ac622e65731b7e756075a9168dec666ac0976007e6

  • Size

    96KB

  • Sample

    240602-x77ndadd39

  • MD5

    737d4f2be92988f2cd2280e52b65a53a

  • SHA1

    083778f72a64a345f9dd17be3ddb070d9b011981

  • SHA256

    1c14ddbae36b721c5e1165ac622e65731b7e756075a9168dec666ac0976007e6

  • SHA512

    de5fecf9abc1ac94598928069c5a9d067ce45186daac3593bfc25c2395a254dd78e22cdebb294034d815993bad72ba8b7cdb8b20f659f14e752d27f12090f0f2

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIS7/b9EUeWpEC3alBlwtn8BLnnl:ymb3NkkiQ3mdBjFIi/REUZnKlbnv9

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified version of the open-source UPX packer.
