General

  • Target

    17e05df9d9ee584cfea2c3cfdef02020_NeikiAnalytics

  • Size

    453KB

  • Sample

    240515-xkfw5sef7s

  • MD5

    17e05df9d9ee584cfea2c3cfdef02020

  • SHA1

    3a966810076f4d28a0f79bda51672545cb755633

  • SHA256

    bc483cb6e41a05ad89bcdd351126161cb4ae8822544e2bddcb04fe2344c5423b

  • SHA512

    f9bafcdf900389260dcb87dad7ace8cd2c174f8d988ce87dcb9b42bdd9e1456a35a77f0619d50d66542a8abdacfc1356c0fba08d073e12df8bd142dbbd7af859

  • SSDEEP

    6144:rcm4FmowdHoSphraHcpOaKHpXfRo0V8JcgE+ezpg1xrloBNTNm8:x4wFHoS3eFaKHpv/VycgE81lgx

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
