General

  • Target

    NEAS.287c5eba6205d422690aa76f2fd1d560_JC.exe

  • Size

    323KB

  • Sample

    231021-wh97jagc3w

  • MD5

    287c5eba6205d422690aa76f2fd1d560

  • SHA1

    88d914a2306cc2e909aafb15bcf8e480799305c9

  • SHA256

    c7a84cf01018c7a1a23d53dac465440f0064e8c0f8e058a6eef1bb293daba5c6

  • SHA512

    1b80ff4ab1809f3b41b1458309cd88523ed54b340a72cbdaa117f6b7d1e1f78e5e78eaf1c81679951f2e0475bc5870b95bc4918b18c7c3c1dc4b76fd94b8a993

  • SSDEEP

    6144:rcm4FmowdHoSphraHcpOaKHpXfRo0V8JcgE+ezpg1I:x4wFHoS3eFaKHpv/VycgE8I

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
