General

  • Target

    NEAS.d1eaa72d63b42f7fab1d017e4090c640.exe

  • Size

    63KB

  • Sample

    231016-xamlyadc89

  • MD5

    d1eaa72d63b42f7fab1d017e4090c640

  • SHA1

    e9c5707535e74c9a471483ef36a0b9032aab703e

  • SHA256

    636afb1190c5240ab077fa8b66350129403d90236f5f09d8f749b0c5ba804492

  • SHA512

    fb65a82819d5f37d9340e4285918896bb18d8762446ca508254a86430c00362a6b5deb28bec9035c9d49f190271227a496624b77c34a6a851b72c951bb1118ec

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIWHKAbDTR6z:ymb3NkkiQ3mdBjFIWHn16z

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
