General

  • Target

    400b1e9e625ec04c50272d14edfa7304e5d11dcbf7ffe02b6f232b1a0a027b26.exe

  • Size

    454KB

  • Sample

    241226-yvbwlsxqhr

  • MD5

    96f45ab61eb7799b9b63ab773675bb61

  • SHA1

    b43cf35f1ce8dc07dd3bab5403389b4188155505

  • SHA256

    400b1e9e625ec04c50272d14edfa7304e5d11dcbf7ffe02b6f232b1a0a027b26

  • SHA512

    fa0902c99e5cbf4b3e07e965157071887eb61ed49e4e8502f25101243d0e89b0b424e5bce8c0c468ee888f3cc40f766a2d4cbe162f5f28292bde197ac160828f

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe1:q7Tc2NYHUrAwfMp3CD1

Targets

    • Target

      400b1e9e625ec04c50272d14edfa7304e5d11dcbf7ffe02b6f232b1a0a027b26.exe

    • Size

      454KB

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
