General

  • Target

    NEAS.b48e9f83bb846d932835c72f97100410.exe

  • Size

    88KB

  • Sample

    231118-g2dv4scc38

  • MD5

    b48e9f83bb846d932835c72f97100410

  • SHA1

    30ac57f60ce21682f6d430d5f81ea9c323508d61

  • SHA256

    677b4366b20f61f73623fa3c3e8964b366ef5fb3e625804da74e308f7dddde96

  • SHA512

    e6b65e6950f284038fa53f1a495825588344de93999f464946c80098de8e2d8f862708469f8ef78532e8fcf7c217b072fc18fd4f087165016e727374f8894a75

  • SSDEEP

    1536:9vQBeOGtrYS3srx93UBWfwC6Ggnouy8PbhnyLFbUZJjw5Ivov1dk:9hOmTsF93UYfwC6GIoutz5yLpc

Targets

    • Target

      NEAS.b48e9f83bb846d932835c72f97100410.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
