General

  • Target

    696479e55adbfcd873153783ecfb2650_NeikiAnalytics

  • Size

    155KB

  • Sample

    240512-eyr78abe26

  • MD5

    696479e55adbfcd873153783ecfb2650

  • SHA1

    7b80c41aa8414d74ebb89bc73f20133f3df31dfa

  • SHA256

    55787e16f63030ab08fa5995ed9a1cbecba61387a6ea005363fa1ce066388506

  • SHA512

    406725dd9652d9eaaeb539a79973002000a94bd06983e8d4bcd9fdd0c4ad86c86a11a06870b8cd095c424ea395db2ca4db49706866ac49540c7d568ecabfa2a1

  • SSDEEP

    3072:khOmTsF93UYfwC6GIoutpYcvrqrE66kropO6BWlPFH4oGPwJwJEj:kcm4FmowdHoSphraHcpOFltH4oGPjJEj

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
