General

  • Target

    NEAS.947977c14ada0d04ec07aa011359d830_JC.exe

  • Size

    381KB

  • Sample

    231031-wnt3hacb7s

  • MD5

    947977c14ada0d04ec07aa011359d830

  • SHA1

    3c0ff51e5167d1da859c1cdf840086d4df7cfbdc

  • SHA256

    61290f3d4e8d44262ed83649490385158c70aba2482462ef59e1a201f686b64f

  • SHA512

    797ce8607f42b2cba7f9f688fbd7396d85e5e976c918767124a05c98721b62faca1df07a473c1d865d2a1c4b02e5d88ae3a42a88698276bec706eaf73ea8e4af

  • SSDEEP

    6144:n3C9BRo7tvnJ9oH0IRgZvjpUXownfWQkyCpxwJz9e0pQowLh3EhToK9cT085mnFh:n3C9ytvngQjpUXoSWlnwJv90aKToFqwp

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
