General

  • Target

    a944d804680a0a129c50abcde60ff690_NeikiAnalytics

  • Size

    380KB

  • Sample

    240511-kjt16ahd5x

  • MD5

    a944d804680a0a129c50abcde60ff690

  • SHA1

    e6103d5435b3de6e6905b466ad027d1676fb7f51

  • SHA256

    7c281221372c8c956741cbadd0c764fca7ac59678c1d203081646204dd1dab91

  • SHA512

    86cc81511573da2c60e3ec307cf55ecc4808b24e0b92166d518e487f325f56ecdb55bac5c5b80e02c374632906cffdf1d6e6ffa4d2c37828222894cdbf595e16

  • SSDEEP

    6144:kcm4FmowdHoSphraHcpOaKHpSwp9OD0Ibse:y4wFHoS3eFaKHpNKbbse

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
