General

  • Target

    NEAS.c252505c79510da182f5a4ed4ad15d90.exe

  • Size

    191KB

  • Sample

    231014-xwh6mshg42

  • MD5

    c252505c79510da182f5a4ed4ad15d90

  • SHA1

    3424897492399a3ea088156ff9d35242a798833c

  • SHA256

    91294d1eec0da217958ca74a5568b612a21dff362fea42b8494fd295b12a0e5e

  • SHA512

    9b21555c36d70405511ec5f3acd8ee8594f8bb411c83b4232ff9ced6ee9361954467eae884146b44e8a48536adcf526ae2ca7b5615bd702046c135107fdde434

  • SSDEEP

    3072:UhOmTsF93UYfwC6GIoutmm6tAjGIs3Fv9KdYGUSy3ByE9muR4:Ucm4FmowdHoSmm6Wg3F2Y9iE9m1

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
