General

  • Target

    NEAS.aae33400556c1f43f617036f1bf83300.exe

  • Size

    138KB

  • Sample

    231016-w6wztahe4v

  • MD5

    aae33400556c1f43f617036f1bf83300

  • SHA1

    73f59ea973f56030d38548d9c946706ec5ad0042

  • SHA256

    7acfdd8db2bf6f775408fd96d06babbb8d2cec670c44b72d399506f36cd8f548

  • SHA512

    70d358f1335380fbedc5af36c00fd492453c1c60b6918d45c287bbd9a6d6d2f42013ae832d8dad152f50e8e8ca5de7b04a66fb2242d674af407f1de657f29310

  • SSDEEP

    3072:EhOmTsF93UYfwC6GIoutcEDjmDH6lPqZD2N/67ZWRZWZ1AgkniEz:Ecm4FmowdHoScQmL6l6O/8WOWiEz

Targets

    • Target

      NEAS.aae33400556c1f43f617036f1bf83300.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
