General

  • Target

    NEAS.1ee39a71beeac3a2db6f69400d840730.exe

  • Size

    64KB

  • Sample

    231102-t64njshf64

  • MD5

    1ee39a71beeac3a2db6f69400d840730

  • SHA1

    8cc6de8d3422bfa0e883ab8cfc7caa515b26ab5a

  • SHA256

    a1121b80228123c636691bcbefb419cbcff55fcb15859eb6f9ea973c5a38b865

  • SHA512

    5ad9fd032374ce12deb46b4b1619537576da8a142062f109f6f2c03eea5674993a3f2eb43ca73abe15b98105a2a97b093cbee5c020ed9350bcfebf1ed3f5f529

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoA6aP2kx0n:ymb3NkkiQ3mdBjFolC2oY

Targets

    • Target

      NEAS.1ee39a71beeac3a2db6f69400d840730.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
