General

  • Target

    NEAS.7b086698889a9c9803dc4aa9938ad2f0.exe

  • Size

    350KB

  • Sample

    231022-vxmjcaee5x

  • MD5

    7b086698889a9c9803dc4aa9938ad2f0

  • SHA1

    f11d4197aa3ebc9a450c87eb957b3cd6732eba82

  • SHA256

    0d49f48f4ae485b5a5b20fe675defad2d3417e352bddf3fd0287af87cee73bc4

  • SHA512

    89c051e668cea13cf64c82d4a1b722eefa7e23242598c007a2912f3c7184e28c6b36745167ffe4620c0fdbc747fcbe8e48722df2eb6f9791f3bafff0918b51da

  • SSDEEP

    6144:n3C9BRIG0asYFm71m8+GdkB9yMu7N+8px7+h:n3C9uYA71kSMu08px7c

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
