General

  • Target

    NEAS.8f5d23faac70b635c94269baf0a65630.exe

  • Size

    330KB

  • Sample

    231104-r6qqksdg79

  • MD5

    8f5d23faac70b635c94269baf0a65630

  • SHA1

    1b3391d67ea497fdfb20b055737576e5ccfe49e9

  • SHA256

    f8817114b90870482fd870c0229dd4c96f155d8c774e5e3cb32a63e4a9b40374

  • SHA512

    2d3dc084a4399f898a408a76695fbe7ce448f27aee99ec4a21e3c5073445c7f2ca9a63c894ec4fda47ce9e2411eda91e94864573d768da1cd256b9a0369412db

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo7LCgnilBxBqwZK2q6sYTsmZDSFdBE0rXE4ef2/B:n3C9BRo/CEilXBG2qZSlSFdBXExiB

Targets

    • Target

      NEAS.8f5d23faac70b635c94269baf0a65630.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
