Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    04e85ca84fc0e7d49b3ad74c82c63810_NEAS

  • Size

    228KB

  • Sample

    240507-xkqrcaad3s

  • MD5

    04e85ca84fc0e7d49b3ad74c82c63810

  • SHA1

    8ceda241548906245ead9f4d74ba07809d7a5686

  • SHA256

    64cc8920142782bc7e652c6034957767ad445a8557284a4a393f40640f6c02fe

  • SHA512

    00c886c93e2aa8d7da324f535b6e9e4d9fb629d777821ee12179f32b24187a53925323a8649756966f51b66e521479dd6a9acaf5760e317fd63cf4ce5f744e56

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31x4xLn/cX:n3C9BRo7MlrWKo+lxKkX

Malware Config

Targets

    • Target

      04e85ca84fc0e7d49b3ad74c82c63810_NEAS

    • Size

      228KB

    • MD5

      04e85ca84fc0e7d49b3ad74c82c63810

    • SHA1

      8ceda241548906245ead9f4d74ba07809d7a5686

    • SHA256

      64cc8920142782bc7e652c6034957767ad445a8557284a4a393f40640f6c02fe

    • SHA512

      00c886c93e2aa8d7da324f535b6e9e4d9fb629d777821ee12179f32b24187a53925323a8649756966f51b66e521479dd6a9acaf5760e317fd63cf4ce5f744e56

    • SSDEEP

      3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31x4xLn/cX:n3C9BRo7MlrWKo+lxKkX

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks