General

  • Target

    NEAS.ea4add3c985321c4762947521f50e4c0_JC.exe

  • Size

    191KB

  • Sample

    231008-t59heaed41

  • MD5

    ea4add3c985321c4762947521f50e4c0

  • SHA1

    1cef3f8a7976d6aef4b08dac2fd33e4baaead3a4

  • SHA256

    d78984838fc791c2e5e34fce5fa9e78d2a97774f02b8333f24caf867ed028b7a

  • SHA512

    894f67a889ae227ae4ab30ac30b6a4bff2d948287fcb9e10d28d22b61ce2a86dd66818074205c3024295f7338f25cf5816405f8997454a489691563c8006463c

  • SSDEEP

    3072:8hOmTsF93UYfwC6GIoutpVBHRasyiBh3Fv9KdYGUSy3ByE9xPwWTeGm9ASl:8cm4FmowdHoSpVxRasyiBh3F2Y9iE9xw

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
