General

  • Target

    537683838be48eee1ec4881d4899be60_NeikiAnalytics.exe

  • Size

    486KB

  • Sample

    240602-jj9k6sfg93

  • MD5

    537683838be48eee1ec4881d4899be60

  • SHA1

    1d3c49c8314a69e384a1035a4e296476a754219d

  • SHA256

    c96d71cf155e00aa2699691d396492e087895075b6d2a495b85db0855c445e83

  • SHA512

    1345771b95f02fb2534e159901f667f248958d96b874112e06faf49f27e3f92cdb888a4e8ea02a01e9415e91da31692c24c1886d56a9cad1c946f8af10096089

  • SSDEEP

    6144:xcm4FmowdHoSkhraHcpOFltH4t+IDvSXrh5g8hZTydOAkOCOu0EajNVBZr6y2WXO:74wFHoSceFp3IDvSbh5nP+aiU

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
