General

  • Target

    76fe96754c1143f0a2a220039ea45580_NeikiAnalytics.exe

  • Size

    395KB

  • Sample

    240530-rgte6sbb8x

  • MD5

    76fe96754c1143f0a2a220039ea45580

  • SHA1

    303792313ed244eedd160fd5d8077532880e2186

  • SHA256

    00478da94fbb88bd1f6adb9e43374d5b5cdf50f5b103a275913722c57f4b8e28

  • SHA512

    c5228d07fe06ad8ae110dfbbe9c3a811f1fa90aecaad9157246c9f7fb451fa0520a8a160869a30c60b76c043431b64cb0f1e5dd1f236c8c0a017cbbcfbf5f363

  • SSDEEP

    6144:n3C9BRo7tvnJ9oH0IRgZvjkobjcSbcY+CaQdaFOY4iGFYtRdu/M:n3C9ytvngQjZbz+xt4vFBk

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
