Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    NEAS.064cd27053535b9f6862f7bf89383de0_JC.exe

  • Size

    101KB

  • Sample

    231016-pz878sgf57

  • MD5

    064cd27053535b9f6862f7bf89383de0

  • SHA1

    518e70e9b02497390c64d5d1b3805ec9d13d1100

  • SHA256

    859ea7cf3cde970c32c2b6d3dccc7753cbafd9cf8a7bb29eff624259db4b31fc

  • SHA512

    e880c3b66b6d021d0bd82f13884e0d1b26f77d95ddc705fdd7fd00e562535b16105f898a5e846c26352c957dd95da9eb95c4cc230c7fac7d3b275d0cef71b1da

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo7NguQG1nug55eJ/dLLm:n3C9BRo+ZgjeBdLLm

Malware Config

Targets

    • Target

      NEAS.064cd27053535b9f6862f7bf89383de0_JC.exe

    • Size

      101KB

    • MD5

      064cd27053535b9f6862f7bf89383de0

    • SHA1

      518e70e9b02497390c64d5d1b3805ec9d13d1100

    • SHA256

      859ea7cf3cde970c32c2b6d3dccc7753cbafd9cf8a7bb29eff624259db4b31fc

    • SHA512

      e880c3b66b6d021d0bd82f13884e0d1b26f77d95ddc705fdd7fd00e562535b16105f898a5e846c26352c957dd95da9eb95c4cc230c7fac7d3b275d0cef71b1da

    • SSDEEP

      3072:ymb3NkkiQ3mdBjFo7NguQG1nug55eJ/dLLm:n3C9BRo+ZgjeBdLLm

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks