General

  • Target

    NEAS.817a5f9e187de87149c31f39f3688c70.exe

  • Size

    94KB

  • Sample

    231014-wm22qace2s

  • MD5

    817a5f9e187de87149c31f39f3688c70

  • SHA1

    b090b4cee1629c4b7822571951dbe7f8b48a9c15

  • SHA256

    eb442cc4599239a901e6d9dc4e73234c3cffd9c73a88d2fd4599bdc1cc7fef1b

  • SHA512

    e2d3dc78594a0e1c84f0d45dee59108792c85bdd0b2572e87c0936b2897202bca3b93aca54f279d621957a83ff450fa02268ee33c93ccfdf7a9b78aae4d36512

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo7MJeS051zTtglh78q4:ymb3NkkiQ3mdBjFo7oefXKLY9

Targets

    • Target

      NEAS.817a5f9e187de87149c31f39f3688c70.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
