General

  • Target

    0f69373643b345c714492d31904e72a0e3cfb052fa4ae1f8718369d44e1e0ef4N

  • Size

    332KB

  • Sample

    241003-hpwqtstfld

  • MD5

    2aeeefeadf5037a74f1c550df65c73d0

  • SHA1

    d9e3d971c406b56a538a79aac5acdc56ebf8b167

  • SHA256

    0f69373643b345c714492d31904e72a0e3cfb052fa4ae1f8718369d44e1e0ef4

  • SHA512

    7fef9665fa3a3070f37fcead438ad08ee4793c35a5bf2b94750d512e9f9f75cbf5af7240cb8746ffb486cf67ead461fa9fef69d8f4d5c00fd15aee4e01aaeda5

  • SSDEEP

    6144:3cm7ImGddXsJdJIjaRleL42bL37BoTPkhu9gX5yGsTshQc8R0nxA5ij8+RC7tPhQ:F7Tc8JdSjylh2b77BoTMA9gX59sTsuTg

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
