Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
eb34997850c70a4d8e8a9eb0fee3e04b6bdc7aec72cdf6df0f3d63842d736a96
-
Size
246KB
-
Sample
221001-3c8vvabfg2
-
MD5
66a37d7b13902048a7b947785c990910
-
SHA1
c845c1c9ba6e5d07404600e2e2f1b674f5e9e485
-
SHA256
eb34997850c70a4d8e8a9eb0fee3e04b6bdc7aec72cdf6df0f3d63842d736a96
-
SHA512
759b9a3ca40fd89140285dbc32b25b56d9ffa1c64adbf240e5b175dc0e9b0c26ff4ff6bffe397c31e8cefa38c0cc93b2c818ee2a23898dad5a8dba52baeaab30
-
SSDEEP
6144:jfMrmQ0hVh5kIr06t5J2wiAksaDlRCDeu3OmDv5r9S4vPMHie3Fg1SAuK1:gqr0IJJzdahRCau3lvd3MzWG
Malware Config
Extracted
njrat
0.7d
ابو فرنقع
xk03.no-ip.biz:5552
c294eacc4eeb89346402ee701c9e81b9
-
reg_key
c294eacc4eeb89346402ee701c9e81b9
-
splitter
|'|'|
Targets
-
-
Target
eb34997850c70a4d8e8a9eb0fee3e04b6bdc7aec72cdf6df0f3d63842d736a96
-
Size
246KB
-
MD5
66a37d7b13902048a7b947785c990910
-
SHA1
c845c1c9ba6e5d07404600e2e2f1b674f5e9e485
-
SHA256
eb34997850c70a4d8e8a9eb0fee3e04b6bdc7aec72cdf6df0f3d63842d736a96
-
SHA512
759b9a3ca40fd89140285dbc32b25b56d9ffa1c64adbf240e5b175dc0e9b0c26ff4ff6bffe397c31e8cefa38c0cc93b2c818ee2a23898dad5a8dba52baeaab30
-
SSDEEP
6144:jfMrmQ0hVh5kIr06t5J2wiAksaDlRCDeu3OmDv5r9S4vPMHie3Fg1SAuK1:gqr0IJJzdahRCau3lvd3MzWG
Score10/10-
njRAT/Bladabindi
Widely used RAT written in .NET.
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-