General

  • Target

    NEAS.c57ba2924aa4a5bb6a79ff6e4371ced0.exe

  • Size

    331KB

  • Sample

    231013-ze99xahg23

  • MD5

    c57ba2924aa4a5bb6a79ff6e4371ced0

  • SHA1

    6e4fccb7a4933959f5d2639d82914cba52468721

  • SHA256

    745183eeef421cbf3e1406a3fc754e8c2040ffa10adb2507752ca65aba1f1001

  • SHA512

    286bcee12f7d3f15962b89a1dd92419a30bf555df63a668351ec169532c8e6c836c2de643e4881437241b6614cb06c3488a18943d370b070621cb33bac1c637e

  • SSDEEP

    6144:ccm4FmowdHoS5ddWX+azj+aSwd4w5AbjlB6:K4wFHoS5ddWX+Wr4w5Abjm

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
