General

  • Target

    a566634b4b0d6d5453c6e630dac89c10_NeikiAnalytics.exe

  • Size

    224KB

  • Sample

    240603-q3ba2sgd9t

  • MD5

    a566634b4b0d6d5453c6e630dac89c10

  • SHA1

    b1310e09e26a00284ff773ecab00b5e977ef781a

  • SHA256

    f4761659efea3ff46d73acfa28b0fde50f94a6a08810cb0e31f5fff9f07ee58d

  • SHA512

    ef4cefd1be22942c54bcc0c667059ada333320b4437141d19f6d6fa48595999e69c6a729f33cbb646b46576f97eb2a1023fcfc84190ae4a43f81ea133702acc3

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31x4xL76:n3C9BRo7MlrWKo+lxKG

Targets

    • Target

      a566634b4b0d6d5453c6e630dac89c10_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
