General

  • Target

    9623a0c8dd321952058e70356e1ad4e7902eaf59bff20e2fd91d1b6aae0e15c5N.exe

  • Size

    456KB

  • Sample

    241219-zz6r8azlgt

  • MD5

    640cf226d808afe7dadfac8600bd9730

  • SHA1

    48df3ef702eaa9fdbaa127288eee20c73c6611d2

  • SHA256

    9623a0c8dd321952058e70356e1ad4e7902eaf59bff20e2fd91d1b6aae0e15c5

  • SHA512

    fed5f8e0778e8dbd7a77001e384c917ab718b331dc92f47e89b6abea0732cebcbe409cdbe8ad6d0c877ca19e866caa05bfcfe9221b54247dbd208c5ee6d58d51

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeRR:q7Tc2NYHUrAwfMp3CDRR

Targets

    • Target

      9623a0c8dd321952058e70356e1ad4e7902eaf59bff20e2fd91d1b6aae0e15c5N.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
