General

  • Target

    55a5cecfb1172f9fe76f6671d03ff760_NeikiAnalytics.exe

  • Size

    971KB

  • Sample

    240602-jrh37afd4v

  • MD5

    55a5cecfb1172f9fe76f6671d03ff760

  • SHA1

    3f556e6937cb4b4c448086abe21e3daaba357170

  • SHA256

    70a0cc7ec5f88dc06c49544ca242326371b7435b0e2d5e2a9dc8ccecc8a2e244

  • SHA512

    d2ff6cf6b8573a17d6234b9425308d5fb1bf6815be4932924244de88a8c2627d70e5ece9f939f447a5d7e20bc5c568dcc5c745f2bbc71e2b2ab3c5649287b6a2

  • SSDEEP

    12288:n3C9yMo+S0L9xRnoq7H9xqYL04iVypNKvzcMwdBS3b3aoqYveXVadBlHD+CURPOv:SgD4bhoqLDqYLagB6Wj1+Cyx

Targets

    • Target

      55a5cecfb1172f9fe76f6671d03ff760_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
