General

  • Target

    166d075e0dfeb7618231a5da3953ff9abf01a83c664f5a757b67d48ff6bebebe.exe

  • Size

    455KB

  • Sample

    241226-y3azaaykgq

  • MD5

    730024d670661855cc6d71257a5b8981

  • SHA1

    619f085c62270414c08f9877756192b29ae183a6

  • SHA256

    166d075e0dfeb7618231a5da3953ff9abf01a83c664f5a757b67d48ff6bebebe

  • SHA512

    793f944801d7ffa17af10f03c8c734d6c543f7704cf06284db51f003a8f89365732b0811696aac426c6ffd2ef873be406232482ba2f928b264433d5060c0f184

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe+Y:q7Tc2NYHUrAwfMp3CD+Y

Targets

    • Target

      166d075e0dfeb7618231a5da3953ff9abf01a83c664f5a757b67d48ff6bebebe.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
