General

  • Target

    5c564f440fdf2cbff8f8288192ff6eb0_NeikiAnalytics.exe

  • Size

    79KB

  • Sample

    240530-aq6y7afe51

  • MD5

    5c564f440fdf2cbff8f8288192ff6eb0

  • SHA1

    6b43a548e106349e23c4f40e2d9ccba47eb41d13

  • SHA256

    4f14a8811874722b45e093a72fc3a1678d4a8e7c65056fb803af396b5812fae5

  • SHA512

    e9e50113bc4afdd220124dbe67e256f15a6961e483684f0fb7a2ee219037248cc28854672958113b26a7aafe0a760952ea8f808127cbac609cfe810e85dbd2b2

  • SSDEEP

    1536:zvQBeOGtrYS3srx93UBWfwC6Ggnouy8iT4+C2HVM1p6T7A:zhOmTsF93UYfwC6GIoutiTU2HVS63A

Targets

    • Target

      5c564f440fdf2cbff8f8288192ff6eb0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
