General

  • Target

    NEAS.1e5e57747f3223647eed93baedcd4e70_JC.exe

  • Size

    3.0MB

  • Sample

    231105-e6hczscg72

  • MD5

    1e5e57747f3223647eed93baedcd4e70

  • SHA1

    41d021b36272d89bf3f5a51a5c42600ceab5a2d9

  • SHA256

    d3450195f893d7df66bfa051ef9bfea1859a7360749bbedd59567016d9abbe9f

  • SHA512

    2bb4349321c19f5edfb1a86c941df1294c75152191ed18ce64c170e3a66c9395d48aee44faf45d3cd2e311b3944738ae5278b4c26746c080f9cb5369a02e8ff8

  • SSDEEP

    49152:gUmJN8WOSElD+ff+PruHlHEIj9YX+BFBrzbIzmCFoqxmMONz0WuhzEYLXCGLcv7H:YJN8WOSE9+fMclH1YqBnbIzPKqjWoocw

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
