General

  • Target

    NEAS.dbb80a5cbc906229743f0861b4a1ee80.exe

  • Size

    113KB

  • Sample

    231021-1ev1naca95

  • MD5

    dbb80a5cbc906229743f0861b4a1ee80

  • SHA1

    18407eb69b3f90b8b8ccbeb3f47541592417ba81

  • SHA256

    c8e70ae1065f08598fb52f137aa653aae949e547d3637e20e978ff7b42ca278f

  • SHA512

    3efdcdfce4efb5c7ab6f8d27efaeea8be203a6e34dfd43910202644dad7f0c53b7af27fc6d620520735672ba4893c7744264d492c224a6416ac9eb35e69667d7

  • SSDEEP

    3072:xhOmTsF93UYfwC6GIoutkYcvrqrE66kropO6BWlPFH4Sl:xcm4FmowdHoSkhraHcpOFltH4Sl

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
