General

  • Target

    NEAS.5001d911ca38168edabf518b6478f1d0.exe

  • Size

    161KB

  • Sample

    231104-kndvqsgb98

  • MD5

    5001d911ca38168edabf518b6478f1d0

  • SHA1

    589ee1c5d5a1a2bf9ccf4e675ea66a8dd5373973

  • SHA256

    12d16a39692f19c150cb529e48d8c61bb238d20979337f13e8429a15c3e2da73

  • SHA512

    c0d1816211a874b7044bc2410100d71525f2e4e4a5842d358d654ca3bf18f87de1c111a4f24162f8fb4d0b68c9ad15729a677b39b50868809b7accf5e7e7da84

  • SSDEEP

    3072:lhOmTsF93UYfwC6GIoutacudmVS3BLp3BqDH6lPqZDvC7TtTGeS07EfnsJ:lcm4FmowdHoSavdmk3Rp38L6l6kRSmE8

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
