General

  • Target

    NEAS.6c331072a17055c741e10e036b568e40.exe

  • Size

    156KB

  • Sample

    231016-w1z5aaed9y

  • MD5

    6c331072a17055c741e10e036b568e40

  • SHA1

    ffb9e2de756cc35c6f6247fc477e5a016ff09075

  • SHA256

    ea08ddd5eb04ea322dd73b615203de1724f2a3380374c2b3061b5db290fcbcb3

  • SHA512

    dd235582420741281cd316f130141317ebee5d39639f3993c00c0f6f8fd0f5f0e5c4ffe90571fa19820288063574054617ecd9eb1e6e6fee09d0e0ca175951b5

  • SSDEEP

    3072:khOmTsF93UYfwC6GIoutpYcvrqrE66kropO6BWlPFH4tpxPI:kcm4FmowdHoSphraHcpOFltH4tpxPI

Targets

    • Target

      NEAS.6c331072a17055c741e10e036b568e40.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
