General

  • Target

    afa12aab342eaf22812d241c3d7a8a10N

  • Size

    248KB

  • Sample

    240907-yqc8wasanj

  • MD5

    afa12aab342eaf22812d241c3d7a8a10

  • SHA1

    5632f71574ad7487411fe48563f61c4ead050a07

  • SHA256

    db6ab0c2fe9acb16fcf217a96619129862e559e0ed5efddeae60506d72683e67

  • SHA512

    f5b8fd9aac80b5c6d039284bc26f1a50fe36b542295962649504dc4d9fadd5da65cb4da9c9c2566ca33cddac5453f19a879ffd2989dc674e73337ddeb656dfbf

  • SSDEEP

    6144:n3C9BRo/AIX27NHWpU00VIxas1oa3YiFRle:n3C9uD6AUDCa4NYmRQ

Targets

    • Target

      afa12aab342eaf22812d241c3d7a8a10N

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
