General

  • Target

    NEAS.06e75f5f45da3a6ebc4930260d441780_JC.exe

  • Size

    103KB

  • Sample

    231012-tskzaaah7x

  • MD5

    06e75f5f45da3a6ebc4930260d441780

  • SHA1

    f19048f93940f94257e3867178d5d963f545424a

  • SHA256

    194dc42e838b608f6289e8074ac3cbd36363ee1e8d03a1edda3f7a32ecfd3f84

  • SHA512

    14e35fd2d54f4be4aeb1e91e2d491ce0eadc387841d934a9a197a67b71234f839da859909a408d99682f2ecbd05cba2801ee0c5b8d678745317adfd47c093f3c

  • SSDEEP

    3072:hBhOmTsF93UYfwC6GIoutbsI6p4lye+d+Q4L5:Lcm4FmowdHoSYI6p4HL5

Targets

    • Target

      NEAS.06e75f5f45da3a6ebc4930260d441780_JC.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified version of the open-source UPX packer.
