General

  • Target

    a730c7928d48338f2b0ca072585ccf95901f7dd35f73a8cea92b8e85ac11cb41N.exe

  • Size

    453KB

  • Sample

    241226-nbat4atpfy

  • MD5

    9faebdeedd066ef8fef5bd2a18868370

  • SHA1

    5baef415cc595543fa22492ebf01468a3a14db85

  • SHA256

    a730c7928d48338f2b0ca072585ccf95901f7dd35f73a8cea92b8e85ac11cb41

  • SHA512

    3691dbf72f175b963caaf861144c95e290ba491d14151bfa17f3ad8431192cbd9d6f8be58f49a8b50d0cb1e4fb8ad56d0968c6fe5fd3df05d817c710abd1f749

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbea:q7Tc2NYHUrAwfMp3CDa

Targets

    • Target

      a730c7928d48338f2b0ca072585ccf95901f7dd35f73a8cea92b8e85ac11cb41N.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
