General

  • Target

    438c2c204bd3f478410246581267f670_NeikiAnalytics

  • Size

    392KB

  • Sample

    240511-ba3r9sbh9s

  • MD5

    438c2c204bd3f478410246581267f670

  • SHA1

    e2b3127f3943ce753ca784376a528a7b254e2ae7

  • SHA256

    2f3d907b14c46a0531a6f82dd56768aeb78fc86e8960a451981be95d0d9b7c82

  • SHA512

    75eefc596cbd27a84e5e376d37fdaf40e6c21d69cb2bf838260327f9ed117e5d367e4086d3d5da61a391745b88ae61e80ac9289315cd058aa1d6c3126ffd2a44

  • SSDEEP

    6144:n3C9BRIG0asYFm71mPfkVB8dKwaO5CVwOV:n3C9uYA7okVqdKwaO5CV3

Targets

    • Target

      438c2c204bd3f478410246581267f670_NeikiAnalytics

    • Size

      392KB

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
