General

  • Target

    d6fd7035ae058b0e0731719f6510b240_NeikiAnalytics

  • Size

    266KB

  • Sample

    240516-lnwwzsfa26

  • MD5

    d6fd7035ae058b0e0731719f6510b240

  • SHA1

    04286631bb983423b61886cc384d9c21d47702dc

  • SHA256

    48beca7421cf915b3a04d14b7f0a5ba4a39913304e5754579fb9f5a91154c767

  • SHA512

    e54bc2a2bbb50770cc1438be8c1bab64f933083567b8085f09d70bdf53f9d906d9224bc64b23d4a534b071c01578e2f218e7dc86b19393ed9c0efa789f6ca810

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFIi/0RU6QeYQsm71vPmPzTkV2y/QTa9RBZydZbf83pnzgmmIMS:n3C9BRIG0asYFm71mPfkVB8dKwaWC

Targets

    • Target

      d6fd7035ae058b0e0731719f6510b240_NeikiAnalytics

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
