General

  • Target

    6e550c40c14154a48efd409fdf4ffef0_NeikiAnalytics.exe

  • Size

    247KB

  • Sample

    240527-j73grsde3w

  • MD5

    6e550c40c14154a48efd409fdf4ffef0

  • SHA1

    403c3a0bf7130a5db09afc5b8b93848017962e3c

  • SHA256

    b2338a3c77f6caa6ee825778a4fe3fef41c68f96297383ffdf2e852d8bd1562e

  • SHA512

    8e9081f2071db8adb0aea339030b7cea9891a6eec176adf1a61d916638e3472f7fb1fb20025bfb0ba99500f9bb37c44741f937d54b87259536d8a8a31fb93787

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31x4MAWvGjR1+:n3C9BRo7MlrWKo+lxtvGt1+

Malware Config

Targets

    • Target

      6e550c40c14154a48efd409fdf4ffef0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
