General

  • Target

    NEAS.be1ce9dd7756e2dd2edc717b0b892a20.exe

  • Size

    450KB

  • Sample

    231016-w8j32aae71

  • MD5

    be1ce9dd7756e2dd2edc717b0b892a20

  • SHA1

    acc52e41c5c7e222fdf6e59f1cc60e09fa1a511b

  • SHA256

    516954f27fe11bc5a24ee0e804b3f33412e41337d780ae04fa7c82e41a7fdbc9

  • SHA512

    6b98a9ec2c0b0ae0d1ffb54d7d321974d17dc836a2488df52bdfea2560c5d52ec512486bd8103ac06e2e62c7c0f9f076e70870e5fe279270796b086dc8f9ea72

  • SSDEEP

    12288:64wFHoSJ1zBR/p2r8Cnkhdar2oGNLty6SDXaXIKJcnsjs0STADuO1ve5yqhH:MtBR/Mr8Cnkhdar2oGNLty6SDXaXIKJ6

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
