General

  • Target

    d2455368ec6b2b8ad238b5f70c7d6b50_NeikiAnalytics.exe

  • Size

    149KB

  • Sample

    240526-m55e5agg83

  • MD5

    d2455368ec6b2b8ad238b5f70c7d6b50

  • SHA1

    1fced3a52fec3a0d1a8dc27f5957fd05337749e7

  • SHA256

    473a143992e66c610e862f0e0ee3a5a5dec6d94524e193628f5920d206d17b38

  • SHA512

    333af17b9a8bbebdeeca4fcbebe502fd15b530ca2d06f9728b685cb970a87c49dbbf857128c8a8766536861401fbc05a36b40aafaacc2a4a3aeb240236e5890c

  • SSDEEP

    3072:khOmTsF93UYfwC6GIoutpYcvrqrE66kropO6BWlPFH4t7:kcm4FmowdHoSphraHcpOFltH4t7

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
