General

  • Target

    cfeb716a9ca10c4a5293eaf5ec521aa0_NeikiAnalytics.exe

  • Size

    349KB

  • Sample

    240616-dh1zraxarc

  • MD5

    cfeb716a9ca10c4a5293eaf5ec521aa0

  • SHA1

    348d8b870803825098b767092f2a68bcabfccad9

  • SHA256

    00ff73b1e1520673ed2827d236dcf9d6562e08697142cfe5854fbe59d711c67e

  • SHA512

    8962ce9ccb162c0941842fcb3dd739150a0e8987e1ea64a4f926bc6cef663f4644490465e86a59d5ea20c460ddbde834fb0902bb8bf5760ac2cc0fc9b5536608

  • SSDEEP

    6144:bcm4FmowdHoSgWrXD486jCpoAhlq1mEjBqLyOSlhNFF25:h4wFHoSgWj168w1VjsyvhNFF25

Targets

    • Target

      cfeb716a9ca10c4a5293eaf5ec521aa0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
