Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    e9b05d1af3c858aa6399ee61b9f41a2ea409d4275eda9c7f9aa78eec031bcae0

  • Size

    308KB

  • Sample

    240616-ejwxvsserm

  • MD5

    17a51fa72d5a9e3b466eeec37c5a706b

  • SHA1

    7527223c1349ca49bc75e1996cb6436504a5bb33

  • SHA256

    e9b05d1af3c858aa6399ee61b9f41a2ea409d4275eda9c7f9aa78eec031bcae0

  • SHA512

    e306c5f83cda0d65b0fc83d329b34462585763f470185d9314e1c2b0c6617586b969798559581875901bde3e2c6c13f01cc53d50a4ce0352ccd5ab3afd1d9b3a

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo7LAIRUohDLS0k+sLiiBVS0ILlMcGGW7sRCl9eMw:n3C9BRo/AIuunS3+sOiBVSXxMxTsm9ep

Malware Config

Targets

    • Target

      e9b05d1af3c858aa6399ee61b9f41a2ea409d4275eda9c7f9aa78eec031bcae0

    • Size

      308KB

    • MD5

      17a51fa72d5a9e3b466eeec37c5a706b

    • SHA1

      7527223c1349ca49bc75e1996cb6436504a5bb33

    • SHA256

      e9b05d1af3c858aa6399ee61b9f41a2ea409d4275eda9c7f9aa78eec031bcae0

    • SHA512

      e306c5f83cda0d65b0fc83d329b34462585763f470185d9314e1c2b0c6617586b969798559581875901bde3e2c6c13f01cc53d50a4ce0352ccd5ab3afd1d9b3a

    • SSDEEP

      3072:ymb3NkkiQ3mdBjFo7LAIRUohDLS0k+sLiiBVS0ILlMcGGW7sRCl9eMw:n3C9BRo/AIuunS3+sOiBVSXxMxTsm9ep

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks