Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    b3c949ec785b5189fe376fcb915d5f1c923f9de3eb19b3b0891f909b619e10cfN.exe

  • Size

    452KB

  • Sample

    241226-nkqa5svjgr

  • MD5

    975c19201fb17237426cbcd542b42000

  • SHA1

    3748f62e0333bf6f5bce48ca4c8c7371d7196dee

  • SHA256

    b3c949ec785b5189fe376fcb915d5f1c923f9de3eb19b3b0891f909b619e10cf

  • SHA512

    a8072e820e1c893ee464931fc07af988d899e3ec6be0c2e0d147aa6852b34e43c757d0fbf9f9ae8c9609c8516096e4e2a596fe544601e3b49ec0d69c5976b9d8

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAber:q7Tc2NYHUrAwfMp3CDr

Malware Config

Targets

    • Target

      b3c949ec785b5189fe376fcb915d5f1c923f9de3eb19b3b0891f909b619e10cfN.exe

    • Size

      452KB

    • MD5

      975c19201fb17237426cbcd542b42000

    • SHA1

      3748f62e0333bf6f5bce48ca4c8c7371d7196dee

    • SHA256

      b3c949ec785b5189fe376fcb915d5f1c923f9de3eb19b3b0891f909b619e10cf

    • SHA512

      a8072e820e1c893ee464931fc07af988d899e3ec6be0c2e0d147aa6852b34e43c757d0fbf9f9ae8c9609c8516096e4e2a596fe544601e3b49ec0d69c5976b9d8

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAber:q7Tc2NYHUrAwfMp3CDr

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks