General

  • Target

    aa91fbb58bf1690e6c17a8f6849ae300N.exe

  • Size

    366KB

  • Sample

    240906-vcmzdaxcrl

  • MD5

    aa91fbb58bf1690e6c17a8f6849ae300

  • SHA1

    8a23e5a2e6fdcfd6f33ee1162a52a28cb95a66be

  • SHA256

    d6edd4c3fff2e8b29ee6709e21fa0c124a33508f412a47da2f5a4d93e4c2d7df

  • SHA512

    31b6a1947dc768fbf3db1ad37cf34349113ad4f97e37cd24a049fae7a308f488ae865cb3c3891c30c34d8b1a356f5dcb5e071103ae60a7075c2619faa8f47c06

  • SSDEEP

    6144:n3C9BRo7tvnJ9oH0IRgZvjD8296gnzeZhBu+:n3C9ytvngQj429nnzeZhBv

Malware Config

Targets

    • Target

      aa91fbb58bf1690e6c17a8f6849ae300N.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

MITRE ATT&CK Enterprise v15

Tasks