General

  • Target

    4c3a6331387f37800b414e0548cbd59dde3c101d8b8b931fbee54c7897066439

  • Size

    8.7MB

  • Sample

    241002-zhkhnaygrg

  • MD5

    55be826ed814cf1ba2d7d3b48727d847

  • SHA1

    c2d0c2f98508039dcaa08843d9ece01d5275d4bf

  • SHA256

    4c3a6331387f37800b414e0548cbd59dde3c101d8b8b931fbee54c7897066439

  • SHA512

    4f08f2aa8f4d99be48f4c82cb91305f0e67436523e7e7fadcc1da0347ead456ea354bc9813e8449959bdf40517d94cfb690dc8448307b4ab2dd1cb3cc86a30b0

  • SSDEEP

    196608:ymrEEL55UopMitAGaEXq1k3jZvOjtGPdFYgvAlEL2x8rZ0oPH7JkdcylVwO:PhX6G41kTROjWd/vA+2xk0SH7ydcF

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Suspicious use of NtSetInformationThreadHideFromDebugger
