General

  • Target

    336c28a7db76eb1c2955fcfc29538de0_NeikiAnalytics.exe

  • Size

    372KB

  • Sample

    240602-emsdvaah76

  • MD5

    336c28a7db76eb1c2955fcfc29538de0

  • SHA1

    90574160eca471a6389df6a3dfd61bf278939a6d

  • SHA256

    2b05910dfe0037e23937e1254a775560ff369d218de97010215e1d12b3d76347

  • SHA512

    13e09f7f5df92c7cd0434570a9e7c9d7ea824cfbf7f08d3045d8b26377d6c4e6d3271457be8f1b9e13d78ddab082d285fe02be58f6a7239ddd5a32202d95c598

  • SSDEEP

    6144:n3C9BRIG0asYFm71mJl3/X8mak5gNv9rC8IwLaYNUvtTxTKMMx:n3C9uYA7i3/stR9HGYyvtTxTKMA

Targets

    • Target

      336c28a7db76eb1c2955fcfc29538de0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
