General

  • Target

    ec627347f7a610fa3eec577e4bd03b70N.exe

  • Size

    280KB

  • Sample

    240720-vcs6dstfqb

  • MD5

    ec627347f7a610fa3eec577e4bd03b70

  • SHA1

    4f680ef451d2f7db0f030d2e4592fd85f50202d7

  • SHA256

    f8ffd5f07b52673cc52712b502cf3629597f8d382bd78965d74f3a57b6fd8e79

  • SHA512

    9843e2999476b4bb63ec8cb0e98d20cd8161425424d5ed621200a001cc22d4652583625a925d5ab1dcc42c08db27f159a3c6183c85c1729e6e30554bedf61bb7

  • SSDEEP

    6144:n3C9BRIG0asYFm71m8+GdkB9yMu7VvemWL:n3C9uYA71kSMue

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
