General

  • Target

    472bd330bb99ac58fdf6b770c0a568d0N.exe

  • Size

    358KB

  • Sample

    240823-qmjbqawdrc

  • MD5

    472bd330bb99ac58fdf6b770c0a568d0

  • SHA1

    bf817f6e596652c42ae64cbe9b2e5632948c5864

  • SHA256

    55b94a4b3482bb51e521fd10a460ed780f2d0304da4f563e376783b170e6c7f0

  • SHA512

    ff4abb123da17010b86af7c8654f0b2e3038796565fd086784cd5ade8295e4e4b3108fbb57fb84ff58ca06c2822c5847d1c8ef99a3c1fd13afc5cca6f51813a3

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73tvn+Yp9FrHSwh/c/hdTWGIaxJ8TN005pWmjVwdSsyy:n3C9BRo7tvnJ9Fywhk/T7xyTpShZB

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
