General

  • Target

    e143762ee203cc6182de40c0f2b565dfec2723c5381dfd2297c95ccbbfe75d5b

  • Size

    387KB

  • Sample

    240612-f5s9jasanq

  • MD5

    a73992931be67358799b9052e51e1104

  • SHA1

    7155b82ac6e852e2888ff978cff8b9fe63c95336

  • SHA256

    e143762ee203cc6182de40c0f2b565dfec2723c5381dfd2297c95ccbbfe75d5b

  • SHA512

    7102bd317f4c155d0a0d027317d9308eef36183aa8505f06887fe216272ee22eeeef5b8085cd91696bf680d3249ccef0129e0302dc2a9c6228ad053985b2f025

  • SSDEEP

    12288:n3C9ytvngQjpUXoSWlnwJv90aKToFqwf0:SgdnJVU4TlnwJ6Goh

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
