General

  • Target

    NEAS.b1d4caf9ef64b16bf93bf2cb4ba86cd0.exe

  • Size

    1.0MB

  • Sample

    231101-rly68aeh3w

  • MD5

    b1d4caf9ef64b16bf93bf2cb4ba86cd0

  • SHA1

    28914ee6b9c0672e7020b74bb8f2b9d042f2e6f6

  • SHA256

    39b4287a62fbb4968a92aa1c754f0e425eda99fd001df017795046667d9bf3bc

  • SHA512

    a0164c8feb9ea88a309c4cf778fb6df7580eb5ae09f16fd75a55020d0d81fed1e0fc0ff2be695cdd8c9e0b949cd3768607dbbfa4e49f066e84a6b364172f18dd

  • SSDEEP

    24576:Sgdn8whShajgdn8whSrgdnTg0wCtEgdn8whSZ9:TQL3R6

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
