General

  • Target

    NEAS.c505926f54da1d6777bbadc29f3b2530.exe

  • Size

    480KB

  • Sample

    231101-jpwlhace5t

  • MD5

    c505926f54da1d6777bbadc29f3b2530

  • SHA1

    9138f5fd82e6480ee96349d3bc62ce6ee8a1176e

  • SHA256

    4b18b31b36c3669d08664ad9770236c41eef694171955f4ec6220c189568153a

  • SHA512

    b2d1133d553e94a5c81321bd6db0d9ab392fb031823556c1afdc3220a4790ecf03a14802039790dd077cec4dbfc54a9337a10fdf323da374c45a31c3937df04b

  • SSDEEP

    12288:N4wFHoSMu49P9mPh2kkkkK4kXkkkkkkkkl888888888888888888nl:Cu49lmPh2kkkkK4kXkkkkkkkk3

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
