General

  • Target

    8f0e8a2825ce3e716f5e99fedf5004972f0284b89b4cf0251b01778b8684bf9e

  • Size

    205KB

  • Sample

    240624-3vnmmayeme

  • MD5

    b95793ca87f6834e4210a63a68f75483

  • SHA1

    a7321604e34ea7c26a4778c95c605044af44a413

  • SHA256

    8f0e8a2825ce3e716f5e99fedf5004972f0284b89b4cf0251b01778b8684bf9e

  • SHA512

    9c9e9d570cb0aa7e001704aa012d1b878c1599e0dd4b4b9e8b86a2abecbc192aa9c16cbb44a4e143890d663143de083ac7ad2b15eba7feb46ab156af91a68506

  • SSDEEP

    6144:rcm4FmowdHoStBuhW246lCXb7YpdnSj6KsaB:x4wFHoSLjr0+HsaB

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
