General

  • Target

    b1f6b1bb63f8e9ec0bd6691c41b1221ccb1463a18e4080f24864174b3fcd0a5aN.exe

  • Size

    454KB

  • Sample

    241226-mnj3vstlgj

  • MD5

    483f1a72619d1f27b52dc73259819d30

  • SHA1

    75275e298e9e1fc74f9de91bc0cb26f3fc5fa4a2

  • SHA256

    b1f6b1bb63f8e9ec0bd6691c41b1221ccb1463a18e4080f24864174b3fcd0a5a

  • SHA512

    ed642b91a5fea7d2b3f7369d639d4f5715e05d2bbef054d7948273441b814016f2b936655dd235a87b2d5265f32d4e4d093627ce99ad9ac9d02f4aad0168a3c5

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeg:q7Tc2NYHUrAwfMp3CDg

Targets

    • Target

      b1f6b1bb63f8e9ec0bd6691c41b1221ccb1463a18e4080f24864174b3fcd0a5aN.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.