General

  • Target

    6632cc628518a78f275422ffd286c250N.exe

  • Size

    80KB

  • Sample

    240805-jeng5szdrp

  • MD5

    6632cc628518a78f275422ffd286c250

  • SHA1

    14ffc461c763d7ee10a67431c270a19e75ea92d6

  • SHA256

    6cad545e9478a4748b3894c64db71063385e8520633f47884cf4df01a0980aae

  • SHA512

    99456111092fe6a5fc70340c8c790ff0ac85ce7f5dafeaa6b323338641538a7f56ff40fdc06d88d8653e09a764da65e3b0c2187f4227734944e94a7a110a4e80

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo73t6MlYqn+jMp9tQL:ymb3NkkiQ3mdBjFo73tvn+Yp9tQL

Malware Config

Targets

    • Target

      6632cc628518a78f275422ffd286c250N.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks