General

  • Target

    141b38a326a9b515657f4f5df1c503c1a32172782afb53b877785fea99cd77a9N.exe

  • Size

    453KB

  • Sample

    241225-3ff91a1met

  • MD5

    0f11cf5335407caf1fcfcf3c8bcb3c60

  • SHA1

    0621a07c5ca3db8501175efb13168e7f51933bbd

  • SHA256

    141b38a326a9b515657f4f5df1c503c1a32172782afb53b877785fea99cd77a9

  • SHA512

    d531d625880816b18cdd600559c9dce5097f19fe554d66876955330bed07202acf8dfef21f637fd0cd414c6b1bc4bd2fb036b12b666f7e96698fd57d0db43d34

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeT:q7Tc2NYHUrAwfMp3CDT

Targets

    • Target

      141b38a326a9b515657f4f5df1c503c1a32172782afb53b877785fea99cd77a9N.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
