General

  • Target

    b025947833ea07e51b37b20cb909f8bea25c680a09cebe89fcc69bb8ea34c9efN.exe

  • Size

    453KB

  • Sample

    241219-mx374a1qgl

  • MD5

    4857419cbae4840067ea9949bdeee290

  • SHA1

    a78a1070e6d923b451daecdc8b1558c463f1930d

  • SHA256

    b025947833ea07e51b37b20cb909f8bea25c680a09cebe89fcc69bb8ea34c9ef

  • SHA512

    4a4dc9bf7b2e77e5eff606e6c96dae02191e288409bd9613f955abe8ddbe9af5757ca71e6c79ed4c5292c9d26cd8547baa851ffcca8fd2df115368fee0d87cb4

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeY:q7Tc2NYHUrAwfMp3CDY

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
