General

  • Target

    295eea87c576ceaa0327eb318b28e40b1e2a6a2e436b3437778cc2cd399e218f

  • Size

    63KB

  • Sample

    240610-fjqxaada58

  • MD5

    fd6e65a4a44a135befdf31e3e6c8645b

  • SHA1

    6135ec50702dfa21e42d229935a18b8134d48fe9

  • SHA256

    295eea87c576ceaa0327eb318b28e40b1e2a6a2e436b3437778cc2cd399e218f

  • SHA512

    f59d9a66d6b74a03743e1fd29f356e683371453d2ca8a732ef91196505dec1f5ba676f3d09b413d7475484d6f11bd15c0fc58931e3a3559b06c2e66e7ff0f223

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIFdJULh12A:ymb3NkkiQ3mdBjFIFdJmj

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
