General

  • Target

    953c755d28559a20bf5fcc468c68cd045050dd37db0afdfe47a6630613888dfb

  • Size

    10.5MB

  • Sample

    240909-zhk47a1dlb

  • MD5

    be47985bf610ae067b331183bc4d9aba

  • SHA1

    6d074eadbf8ba443038d8945c452fcc523d9e379

  • SHA256

    953c755d28559a20bf5fcc468c68cd045050dd37db0afdfe47a6630613888dfb

  • SHA512

    98ffd97524c0d1113aec0a41e3e318661e623faa7727e039e81996a56b820edc369b1ddc1e6b0f588e915470bb58bfacdad71728efd00f1bb4517e118540268c

  • SSDEEP

    196608:OMCE4ETzBhSyn9xk1+0qt1/HehyuQB1GVJ4z5GTTUnYjZioL1Ea1chW:OMfTSuY16t1P+JQKjU5GTTEYjb1NE

Malware Config

Targets

    • Target

      953c755d28559a20bf5fcc468c68cd045050dd37db0afdfe47a6630613888dfb

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks