Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    NEAS.9cf3421fee5725bbdd8d0b9cb699dce0.exe

  • Size

    116KB

  • Sample

    231016-w5y3sagg5s

  • MD5

    9cf3421fee5725bbdd8d0b9cb699dce0

  • SHA1

    a2d0f31a8b7dd2b2d1af5a5b8e781aa7209b0106

  • SHA256

    4cad7cd0900cc28c16f716aade26ddefd60eb295d72ce483d2aeffa2d0209754

  • SHA512

    126890ef868ce52bffb4db8b9a5e0f16d96556bc20237950415e63206ce7f6a9a9bd71bc1d9a5fc097b47d7b41245517faaa1a5fcaeea68abd1203af1a2b70fa

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFodt2zEUDBEX6w0U8wq:n3C9BRoOzEsEXJ0r

Malware Config

Targets

    • Target

      NEAS.9cf3421fee5725bbdd8d0b9cb699dce0.exe

    • Size

      116KB

    • MD5

      9cf3421fee5725bbdd8d0b9cb699dce0

    • SHA1

      a2d0f31a8b7dd2b2d1af5a5b8e781aa7209b0106

    • SHA256

      4cad7cd0900cc28c16f716aade26ddefd60eb295d72ce483d2aeffa2d0209754

    • SHA512

      126890ef868ce52bffb4db8b9a5e0f16d96556bc20237950415e63206ce7f6a9a9bd71bc1d9a5fc097b47d7b41245517faaa1a5fcaeea68abd1203af1a2b70fa

    • SSDEEP

      3072:ymb3NkkiQ3mdBjFodt2zEUDBEX6w0U8wq:n3C9BRoOzEsEXJ0r

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks