General

  • Target

    NEAS.070abc06c9d3f8e744429eebed715c20.exe

  • Size

    59KB

  • Sample

    231117-2h3qcagb8w

  • MD5

    070abc06c9d3f8e744429eebed715c20

  • SHA1

    38d76f4e4211f36f15674b27b6aebc3fce631962

  • SHA256

    72402b77df2cb403611bf7299db7871240d88b1ca0d7af482f0e52842547a6e5

  • SHA512

    3cd4734d72d190603d55d04a20a431e3beb01d9bcede53a9b0e988254925fc1a72c85804f949db1064f000fb57ff2e6443fa823295d775097e4385744b41d799

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND0yU/mj:ymb3NkkiQ3mdBjF0y/

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
