General

  • Target

    NEAS.9ac19d075886b8dbdfbfc266328831b0.exe

  • Size

    146KB

  • Sample

    231107-ypl5dsfb9v

  • MD5

    9ac19d075886b8dbdfbfc266328831b0

  • SHA1

    99d940ba478dc324731f9ffe3abd03ec61c1ee33

  • SHA256

    631e54b50863b2caa8204d15197f193488d1f9e21b7c7215f7d6e4c8b46b0645

  • SHA512

    dcb65419a4dad0865206bef1c5d610b44017d4cd33348184fa326fc59d0fbb2e3a016f986bc978a885bb5639688ad8533e0127f8aeed709885e7917b4bcc1da0

  • SSDEEP

    3072:khOmTsF93UYfwC6GIoutpYcvrqrE66kropO6BWlPFH4tFNwqsLnF:kcm4FmowdHoSphraHcpOFltH4tFI7F

Targets

    • Target

      NEAS.9ac19d075886b8dbdfbfc266328831b0.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
