Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    67b998a04d0a9277eacc0f080e1fd6d5b7a4d2c2d13c8ed2d45994d046789b77.exe

  • Size

    453KB

  • Sample

    241225-25khaa1kev

  • MD5

    504d2daf4325e92a95a56e3bdd575423

  • SHA1

    b7b497b7c316c1f99d9b8d06c39f52cec83df12d

  • SHA256

    67b998a04d0a9277eacc0f080e1fd6d5b7a4d2c2d13c8ed2d45994d046789b77

  • SHA512

    9a6d801b15244b7b40b2340c546ab64668e4db3ec5f6be7537198dffd4523c144f9c11b557cba297087ab73c6eda63df71abc43c120ece5756ac855c6d19c85d

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbei:q7Tc2NYHUrAwfMp3CDi

Malware Config

Targets

    • Target

      67b998a04d0a9277eacc0f080e1fd6d5b7a4d2c2d13c8ed2d45994d046789b77.exe

    • Size

      453KB

    • MD5

      504d2daf4325e92a95a56e3bdd575423

    • SHA1

      b7b497b7c316c1f99d9b8d06c39f52cec83df12d

    • SHA256

      67b998a04d0a9277eacc0f080e1fd6d5b7a4d2c2d13c8ed2d45994d046789b77

    • SHA512

      9a6d801b15244b7b40b2340c546ab64668e4db3ec5f6be7537198dffd4523c144f9c11b557cba297087ab73c6eda63df71abc43c120ece5756ac855c6d19c85d

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbei:q7Tc2NYHUrAwfMp3CDi

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks