Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    fc24043979b90443f4707c6ab71b284fe7e563ac61ad3dc972b8a4b053522b8a

  • Size

    229KB

  • Sample

    240625-e99awa1brd

  • MD5

    3262ccdb247c8c37b27cd50c2635a9c7

  • SHA1

    10be05e5090125771aeca98253a2a8069ca21742

  • SHA256

    fc24043979b90443f4707c6ab71b284fe7e563ac61ad3dc972b8a4b053522b8a

  • SHA512

    10497b6f527fe5d40fe06c7fd03970eae2cef3ce79ad583372adf4c7d2f09f3fcc037ddf26bdcb519536cfd780383d4375242173e1c10cb90c8534df915ef001

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31x4xLn/c1N:n3C9BRo7MlrWKo+lxKk1N

Malware Config

Targets

    • Target

      fc24043979b90443f4707c6ab71b284fe7e563ac61ad3dc972b8a4b053522b8a

    • Size

      229KB

    • MD5

      3262ccdb247c8c37b27cd50c2635a9c7

    • SHA1

      10be05e5090125771aeca98253a2a8069ca21742

    • SHA256

      fc24043979b90443f4707c6ab71b284fe7e563ac61ad3dc972b8a4b053522b8a

    • SHA512

      10497b6f527fe5d40fe06c7fd03970eae2cef3ce79ad583372adf4c7d2f09f3fcc037ddf26bdcb519536cfd780383d4375242173e1c10cb90c8534df915ef001

    • SSDEEP

      3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31x4xLn/c1N:n3C9BRo7MlrWKo+lxKk1N

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks