General

  • Target

    6007507ee4e870d54002d695cf047710_NeikiAnalytics.exe

  • Size

    61KB

  • Sample

    240523-akrbjsed5w

  • MD5

    6007507ee4e870d54002d695cf047710

  • SHA1

    11585ef509848e568948f2a16b3f37a57db61eb3

  • SHA256

    cc8e602b9e85e6a4f8648c27ca62f8e62fc68b58d9abe06acec52d7bcf72fe05

  • SHA512

    5d4cf564dabea7755e3a920a5579684b965b06a2a66488145fdcf28caf5fb804354e8b3324268a8e9929f3ac53d7468e84fde0b83657e5ee389f80845394ff27

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIvAEaFJL8:ymb3NkkiQ3mdBjFIvAv8

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX or modified UPX open-source packer.
