General

  • Target

    98939571c92ac1ef54b0a2254b0ca4668489d7974b9fd96e6c26a1e86fcb69ed

  • Size

    92KB

  • Sample

    240605-a58fkahh29

  • MD5

    01fbb3c604ed878c2bddff0ec99f709c

  • SHA1

    3edabe63bd0ad047fc58d0503eda33b646f7fdcc

  • SHA256

    98939571c92ac1ef54b0a2254b0ca4668489d7974b9fd96e6c26a1e86fcb69ed

  • SHA512

    068c0c977a0e304e6af0a5b45c146c6fa59abbe8ae622f6e975c3db972ca8c14de38c19f420f6de6dec1a8c34c07154f8327e757a6c087637f1182210d89a828

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIQIDyviFxx2hCtgIMLP9rBZaRBi:ymb3NkkiQ3mdBjFIVLd2hWZGreRCUlba

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
