General

  • Target

    5aab2ab70a0c3381d633346648ea2be70acdc8451fa5a03329cb03a8000b8a8d

  • Size

    8.0MB

  • Sample

    240928-qkjvgaxfqj

  • MD5

    1ac306c27443ac8119a6ea42031ee94f

  • SHA1

    5156c0822e7d0ebcb41eb38de0d498a9c9224b40

  • SHA256

    5aab2ab70a0c3381d633346648ea2be70acdc8451fa5a03329cb03a8000b8a8d

  • SHA512

    523b57c67c27b00364402d50bcf9afb3ac7f16f6dae9584a4f2ed6453c7bfc3a4f70c2d7afdca092d8f6d715a12b677e68370605fe0f1764ddb02b4dd89f3bf6

  • SSDEEP

    196608:iuKZtcsvnr6pK0j7xma2zIZHHJp+jVqHwHiBjooyEFgd:Etcs07xvL+jVq/ioJFW

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.