Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    baf23d7ef9a539733a9e14c70d4c659c859442591312f55f88c8b901c6ade7a1.exe

  • Size

    454KB

  • Sample

    241226-qdhzlawpdr

  • MD5

    d7aab856e4bd64936a1088a688dcfed6

  • SHA1

    6a09edc8f6675ef7d5e1b82b58cda6d7e99c2165

  • SHA256

    baf23d7ef9a539733a9e14c70d4c659c859442591312f55f88c8b901c6ade7a1

  • SHA512

    99171a60807dd13d63065dd0e488cc2da5b92f8e17a2e8822189f1654a89983b596042683dc452b0ab9ec8642a34effb0a776e1d84edec277d5f54875de8b4df

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeZ:q7Tc2NYHUrAwfMp3CDZ

Malware Config

Targets

    • Target

      baf23d7ef9a539733a9e14c70d4c659c859442591312f55f88c8b901c6ade7a1.exe

    • Size

      454KB

    • MD5

      d7aab856e4bd64936a1088a688dcfed6

    • SHA1

      6a09edc8f6675ef7d5e1b82b58cda6d7e99c2165

    • SHA256

      baf23d7ef9a539733a9e14c70d4c659c859442591312f55f88c8b901c6ade7a1

    • SHA512

      99171a60807dd13d63065dd0e488cc2da5b92f8e17a2e8822189f1654a89983b596042683dc452b0ab9ec8642a34effb0a776e1d84edec277d5f54875de8b4df

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeZ:q7Tc2NYHUrAwfMp3CDZ

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks