General

  • Target

    01f9ff4207fa3a65e36e4ea2b0f6373284a57d9e2a8e931e662ef2a730827cb7

  • Size

    184KB

  • Sample

    240608-wsv6cseb81

  • MD5

    c534d14730cd3314dbd6d9093fda3117

  • SHA1

    7285b7d03ef472d9021efaa7d0fce4968d041fde

  • SHA256

    01f9ff4207fa3a65e36e4ea2b0f6373284a57d9e2a8e931e662ef2a730827cb7

  • SHA512

    ad70de55126f768de8cba15769be869c686dba1efd63530e993bc6d81b1524f00cf9cc34e7d7aec79d07000b0b18db2d927adfe4e093f24bbb15807639f33af9

  • SSDEEP

    1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqgT4+EMdb4SY:PhOm2sI93UufdC67ciJTWMdbHY

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
