General

  • Target

    NEAS.95661b4505868d839663a5bf942a14c0.exe

  • Size

    396KB

  • Sample

    231107-dbxnraad2z

  • MD5

    95661b4505868d839663a5bf942a14c0

  • SHA1

    edd5bdcbc5c32aed5a5fc66226127a81e2f4c8cc

  • SHA256

    b4342ab14608c5990c566741431608e00b6dbe687a5705853db34ce7dfb3a298

  • SHA512

    7a1a0e83375df7cae1fdb8839cac58db2d9ebe533a6eeb17149d7dcb88bb18ad06520be3f092e75fd560a98ca553bf020c750f374761486f5ac20ccf14cdb72f

  • SSDEEP

    3072:vhOm2sI93UufdC67cidt251UrRE9TTF06dTCs0yZ+MEtCslqJ3:vcm7ImGddXdt251UriZF0KCsNZARqJ3

Targets

    • Target

      NEAS.95661b4505868d839663a5bf942a14c0.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
