General

  • Target

    8909118b94826c1f1950bc522142bca0N.exe

  • Size

    72KB

  • Sample

    240819-hzz61a1ajh

  • MD5

    8909118b94826c1f1950bc522142bca0

  • SHA1

    8debb3db493793d567055da751c77922c32cbc6b

  • SHA256

    3337be7ed44a48a7c6391bfdb96e50258a5ef6d262cf179b7b63013b0b9cbc8b

  • SHA512

    c943e0b1b1fe2d9b24dd3cd9e811d649d96203538c355db13bcc81018f816d49cfddddb358881b880d901848644ba23babb28ae31ea6c3accce9fa81979eb050

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIYgC/KSLJUn:ymb3NkkiQ3mdBjFI3eF4

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks