General

  • Target

    3548ff2252f50b9c7a6bddda5ae6d78ecd54fc0e7396c6e04eda2b7c4a319b0d

  • Size

    1.4MB

  • Sample

    241010-dz5z2asbrn

  • MD5

    bbcf0b61e89609c55b857e7b721a383d

  • SHA1

    ede9082fd838f08b10e6074ed70f90d6ee2dbc20

  • SHA256

    3548ff2252f50b9c7a6bddda5ae6d78ecd54fc0e7396c6e04eda2b7c4a319b0d

  • SHA512

    d7a38587bc4487f4f2a645555b37ed51f16d110912782dc37667bdf46f2fd160ab2774a7a46123749ed7393efd8cb9c311f700eaa47ad4973deb267a038c1d30

  • SSDEEP

    24576:M6kVbMHt9Ti59958eW2ZMI9v+CQ9t4ssA4MahS0VXzAK1JaUdx/j1WCZHbjJsD63:MFVbgTWk2ZMTI355aqnNbjJT

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects files protected with ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
