General

  • Target

    NEAS.1ce90c1fc37408b1726d4d275da6b370.exe

  • Size

    365KB

  • Sample

    231013-yg9kqaef8x

  • MD5

    1ce90c1fc37408b1726d4d275da6b370

  • SHA1

    4447fc1ee331efef6f2bdf8c4e84064811e3a787

  • SHA256

    876e9593abbf79bac6310b9aab1e7bf504bb6db9cb8013cbf73f659d5c057156

  • SHA512

    17d9ca8936e54045c429bf66a4b7f37a871cd55d2dad6b57443c660bb5bbb41629f02743374b19848cb118d40dd3253265a1c13b3dd117f7e65056c6c89055aa

  • SSDEEP

    6144:9cm4FmowdHoSdSyEAxyx/ZrTTr4qIMgE8t:/4wFHoSQuxy3rTXIM18t

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
