General

  • Target

    54233c003d3dd5039102695f390cbe3709e95e70deb1b91b47c97262e9da5b8f

  • Size

    181KB

  • Sample

    240604-1hkn4acd31

  • MD5

    452cf8300072c684cf2ed8d5ac5e9a90

  • SHA1

    9ec1a632371946ceaa96bc0686b3aad9934158d2

  • SHA256

    54233c003d3dd5039102695f390cbe3709e95e70deb1b91b47c97262e9da5b8f

  • SHA512

    eeabafa1af03ee1c8acc30f04e8864da9f8a844934ddbb1f28b68534f2ea82c841d894c8b26dda12c4b3d380755541875bbbf7fcb295229b0e81acdc210989c9

  • SSDEEP

    1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqgT4+IJPhbM/v:PhOm2sI93UufdC67ciJTm5hI/v

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
