General

  • Target

    NEAS.b5056e8714ac117d31ee6c932c4d0320.exe

  • Size

    214KB

  • Sample

    231013-zdlj6agd27

  • MD5

    b5056e8714ac117d31ee6c932c4d0320

  • SHA1

    809e888bb38f1410215d70237c2095fecbe19bdb

  • SHA256

    13d7d34373499a356b017f2381f28d93855e439ea4d801acce2c45de58181eab

  • SHA512

    fc9e2e7707bc7de6308fbcad908736d90b09a27ba2deeb25101256e9ae0e857a2c941fc66a3d1564fb1b0140ad555a5c241096289d64a5557c82b4c3ccf2d30c

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31owzi:n3C9BRo7MlrWKo+lBzi

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
