General

  • Target

    d0b4647d03db916ae44171aca59be5a5f2668e05a1df94899a520fb42324a324

  • Size

    333KB

  • Sample

    250111-hkdz8askcm

  • MD5

    e2ef38dc1e48bdd8345b740d71c59ed1

  • SHA1

    4cc3ae307f9190cdeee59eb43a7e34bf1a379ccd

  • SHA256

    d0b4647d03db916ae44171aca59be5a5f2668e05a1df94899a520fb42324a324

  • SHA512

    3c1722e62292f1c506abdb37dbe799270d509e4a524b422688b159e01e2e3eed777c476206c7a2b15e1d1ecef75b440707e85b24eccfdc1d674c1dd5f768fb56

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbeL:R4wFHoSHYHUrAwfMp3CDL

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
