General

  • Target

    2a6e3ccd72b72a65c167e090f62e1d1ff32a3ab774cf2cecbf68b50d23fb1983_NeikiAnalytics.exe

  • Size

    92KB

  • Sample

    240625-d9qcbssblp

  • MD5

    38f49eff137b92c50a9d7945572185b0

  • SHA1

    8952db17f47e0755af64c5b8c03a9441df0fa8ff

  • SHA256

    2a6e3ccd72b72a65c167e090f62e1d1ff32a3ab774cf2cecbf68b50d23fb1983

  • SHA512

    ace7991c6350e41e848da3f78e39186bc8d28c46168d5322cfe521e80ad0eafe1e4be156d952f08cd91643d3610626c90662782706bd1f4f44d64094fbfa342a

  • SSDEEP

    1536:8vQBeOGtrYS3srx93UBWfwC6Ggnouy80fg3Cip8iXAsG5M0u5YoWprCTI:8hOmTsF93UYfwC6GIout0fmCiiiXA6mP

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
