General

  • Target

    1fdf6f0bd4ecf75e40b3149d127614435494a31fd9aacb616c87300e0f0e7b77N.exe

  • Size

    454KB

  • Sample

    241219-1d548s1kdj

  • MD5

    b2ba63df2c440cba32dba8d540953ef0

  • SHA1

    661b62e72dbfab87aea13d0677633b9113139d78

  • SHA256

    1fdf6f0bd4ecf75e40b3149d127614435494a31fd9aacb616c87300e0f0e7b77

  • SHA512

    21adf3990b7daf8b5771dedb7ec402179dacd36c6098e192a6cbe96467674a4c520e91e0c82b8889188d4660483f042b0a3f2d894257b7207998acde732f1055

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbep:q7Tc2NYHUrAwfMp3CDp

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
