General

  • Target

    5e8866b36b2ee97022366a478b5e5fa0_NeikiAnalytics.exe

  • Size

    480KB

  • Sample

    240602-y33z3adg2s

  • MD5

    5e8866b36b2ee97022366a478b5e5fa0

  • SHA1

    bdce328c6c632a721cd77cb659f81566d2a3c1a9

  • SHA256

    50fdba025f265f0981345b19be010ab5a3646d24b7b570ae02252f1a821a53b0

  • SHA512

    e2cb9670ed3d45edcb491dbd762604ffc1534bf9e409cc7c3a757ac7ff9aea2b957db9d179e6dc484dd032dcccb56c79f44ea2f31034ecb8d1927ee91d3af8ae

  • SSDEEP

    12288:n3C9uDVw6326pKZ9asZqoZHz+evcn0Meh2Fezf:Su326p0aroZt0sf

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
