Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

155绿色�...��.url

windows7-x64

1

155绿色�...��.url

windows10-2004-x64

1

QQ牧场宝贝.exe

windows7-x64

10

QQ牧场宝贝.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1a88e5dcaab3465a1507be7e4d2e8d60_JaffaCakes118

  • Size

    276KB

  • Sample

    240701-jyqrlszhkf

  • MD5

    1a88e5dcaab3465a1507be7e4d2e8d60

  • SHA1

    a74e80a675b577bc8921befae1d4673a0a5eb962

  • SHA256

    2096c404d709221eae23bdb1fbaff57d648c7d017ea97035882b9b97d55d1df1

  • SHA512

    7595c6b79e933c0ded226d4a9782a833e480ed694a495394096e88e7631eff327933027a342d9cb0ed6ce196682bf29276143c7bfb7c9c5c6692027a98323c1d

  • SSDEEP

    6144:/je8A8PTEX+ilM/KcDzIekFOLqByWtapaH4ofdgua8:/je8HLEXjWKccJO2Bleaap8

Score
10/10
blackmoonbankertrojanupx

Malware Config

Targets

    • Target

      155绿色软件站.url

    • Size

      219B

    • MD5

      3a1f2a8a3ef08ae269517a69ea918b2c

    • SHA1

      7d2e6719702bc8472e045e010efa6ed3f7df4b5b

    • SHA256

      66eafefa8bb0155e60828476bde6068573fe64a4fd0aa052eba074dbe85d46cd

    • SHA512

      22203a78192cadc02d0f887247675925273a69e3be82ec1a331197f892216a282cc8f37c3ffbfb578a708244181037277b8cc6a40d8ec70cdf0feac5d80f8576

    Score
    1/10
    behavioral1behavioral2

    • Target

      QQ牧场宝贝.exe

    • Size

      283KB

    • MD5

      4b18c843d1f5aa5c0a0511d8137fb0ca

    • SHA1

      3b7db3134a3a15a3683a1c198c0c972c58e507b5

    • SHA256

      842536f9891fd3842e8a6b74c667391a1e11b4a552c34414bc48f61fdbdd6c1b

    • SHA512

      721f613673650df4c0762bf03bfd9af4b34b2f437940baa98b9cf5623eacea24b6ba820917d4dc605a539f04fd196a4794647a2cb7c82fd0c294fb600290dc2c

    • SSDEEP

      6144:6EBLkxedjZJv+91z0/RCLIEX8494VLAJaBf04vCt7ssYInY:6cLkxe1n+Tz0/+SZXBf0ECt7ssYInY

    Score
    10/10
    blackmoonbankertrojanupx

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

      trojanbankerblackmoon

    • Detect Blackmoon payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks