General

  • Target

    a9478348dce232b0241b58c4950b4f00N.exe

  • Size

    235KB

  • Sample

    240819-3efxvavhlq

  • MD5

    a9478348dce232b0241b58c4950b4f00

  • SHA1

    86fdc37b9cb82c063c95cb617e118d6b4d311c36

  • SHA256

    be47ab4df2488b814a89cbc04dd02fd32820831a3895f2fdd05ce8020d345c73

  • SHA512

    a197da7904169439b8ea9d85f23417b61460cf29c8f9d9083386c2a264402c0820ed40caca3e26412d721b3dbe45a3003cc9844f9f260b5f96951c49903b1825

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31x4MAWvGjRVZEW:n3C9BRo7MlrWKo+lxtvGtVZEW

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
