Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
140s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
19/09/2024, 20:14
General
-
Target
0585be4f98856af13430b2e7c07aeb99e485eda6f51c417dcaced41dccc7a787.exe
-
Size
672KB
-
MD5
dda04fa14ffd0a174cc457c95173baee
-
SHA1
c6e9fda4181e5123255d882695521912f80c4102
-
SHA256
0585be4f98856af13430b2e7c07aeb99e485eda6f51c417dcaced41dccc7a787
-
SHA512
10aec9050ca7fa421e5c49b74464f97291a22a92aef32c841038f584e32f41012b1a8ea8113c2b1f4264772962112283439c6a2d87a1acc66c29dd37a95dac62
-
SSDEEP
12288:s7kim5fXOrp+U/PkjVq9E15f0YfU1LoScz617wx7z0w8wta9QwuO9oS:sTOPOl+isV2uf0Cp68n8HWw
Score
10/10
Malware Config
Signatures
-
Blackmoon, KrBanker
Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
-
Detect Blackmoon payload 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\0585be4f98856af13430b2e7c07aeb99e485eda6f51c417dcaced41dccc7a787.exe"C:\Users\Admin\AppData\Local\Temp\0585be4f98856af13430b2e7c07aeb99e485eda6f51c417dcaced41dccc7a787.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.8MB
-
Filesize
2.8MB