General

  • Target

    NEAS.70d9ddf03040ec1c4c5b53894aef7bc0.exe

  • Size

    372KB

  • Sample

    231106-ddsgtagd3t

  • MD5

    70d9ddf03040ec1c4c5b53894aef7bc0

  • SHA1

    24c408671a2637f9a7212dc9fb055b84255005ee

  • SHA256

    593fe5f69731d0b866f1393e605381f471bcdcd211280a0b633e04d23aee2c6c

  • SHA512

    350b5cf5eaea8126d784e8269fcb22a3cd6b6bfc017086b96a4dd3824f0dbc29cb4416786e85c448e8474267b8c5a81144fa0fcb0d8ebf64c7b3843204918d82

  • SSDEEP

    3072:8hOm2sI93UufdC67cimD5t251UrRE9TTFw41/tn:8cm7ImGddXmNt251UriZFwkp

Targets

    • Target

      NEAS.70d9ddf03040ec1c4c5b53894aef7bc0.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
