General

  • Target

    d98b040e611868a09af0e983e9946730_NeikiAnalytics

  • Size

    441KB

  • Sample

    240510-n54dhagd77

  • MD5

    d98b040e611868a09af0e983e9946730

  • SHA1

    39fd2b00c4d73c131f211443baf0151697e1dde4

  • SHA256

    730cec8b85ac2341dfb4421d651fea8c427e51dec405cdef5fc8d7afd7045162

  • SHA512

    485012eeaa6a9c2658176da24f377d3643c6c089080ff00b50ad36706d7149fd721d3cba60427178ab20a57203777861eeebba215c42fc233efacfd46031f659

  • SSDEEP

    12288:M4wFHoSpg4wFHonR/nPF2LnFL4wF04wFK4wFK4wluWI:UrR/nPm

Malware Config

Targets

    • Target

      d98b040e611868a09af0e983e9946730_NeikiAnalytics

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
