General

  • Target

    NEAS.992b9204f18dc4ec02973dd1f5bb5600.exe

  • Size

    87KB

  • Sample

    231101-rkmf2aea5w

  • MD5

    992b9204f18dc4ec02973dd1f5bb5600

  • SHA1

    5113e3039db8db6104f9a9806b59b54c5f750de4

  • SHA256

    1bed5fd6213c8e2ed4bb290f2bb23c66a947a4e2d5713c1852193fafe135477f

  • SHA512

    f2b9ef4f750b732276ef2806796bea3adf5cbfa99404e6755940f61c959bc3fa2f322be299a8fdc7f6d58b8733a460d9125e254baa9fbbd1d7ea9f18a9413071

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoLU1gq6toilpUsp70DDIL:ymb3NkkiQ3mdBjFoLkmo+UU7yEL

Targets

    • Target

      NEAS.992b9204f18dc4ec02973dd1f5bb5600.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
