Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    6486a92d436cc53a45104816a7b6c04fa0393388f7a4da7dd0f6a037469ec477_NeikiAnalytics.exe

  • Size

    88KB

  • Sample

    240624-mhpfds1cql

  • MD5

    572122dab9f2e7efcd30988c09151880

  • SHA1

    1a7deadb2c3252f1908880b0b9024ef1e27e5926

  • SHA256

    6486a92d436cc53a45104816a7b6c04fa0393388f7a4da7dd0f6a037469ec477

  • SHA512

    446360475286a693edbc4d0938d2deb6ecf3f8a371c09494190fcf07da5da2c0d694d786600c57be3eb7db3182d7b15057f50588a5f0cb4802b54a3cea7259ed

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND+3T4+C2iJvRirE0DmoLZsO4EUe:ymb3NkkiQ3mdBjF+3TU2iBRioSnZsTEZ

Malware Config

Targets

    • Target

      6486a92d436cc53a45104816a7b6c04fa0393388f7a4da7dd0f6a037469ec477_NeikiAnalytics.exe

    • Size

      88KB

    • MD5

      572122dab9f2e7efcd30988c09151880

    • SHA1

      1a7deadb2c3252f1908880b0b9024ef1e27e5926

    • SHA256

      6486a92d436cc53a45104816a7b6c04fa0393388f7a4da7dd0f6a037469ec477

    • SHA512

      446360475286a693edbc4d0938d2deb6ecf3f8a371c09494190fcf07da5da2c0d694d786600c57be3eb7db3182d7b15057f50588a5f0cb4802b54a3cea7259ed

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND+3T4+C2iJvRirE0DmoLZsO4EUe:ymb3NkkiQ3mdBjF+3TU2iBRioSnZsTEZ

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks