Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
897e9a05e4275fe0a5597b918540a55a6a58558bde11400b6565f466285e1c09
-
Size
29KB
-
Sample
221029-gdtxesdae9
-
MD5
7a5879743116ac6ec42719b1e9569908
-
SHA1
be79ab851ffac147cdbba39eb7415e253b2c00cb
-
SHA256
897e9a05e4275fe0a5597b918540a55a6a58558bde11400b6565f466285e1c09
-
SHA512
e78e665b8fafefe5985c6c164c0069a8d2a30651cc88f28ef773451f2e69e671fa5d8ddd3834dea36c7fb387593c9c46860d29a28a214b1d524a70b175470283
-
SSDEEP
384:GlWjNl7XNRoWGVulRVJ5zaImGmqDcI6ewdGBsbh0w4wlAokw9OhgOL1vYRGOZzkf:Gu7ToWGVKhcI4qN6exBKh0p29SgRMVd
Malware Config
Extracted
njrat
0.6.4
HacKed
127.0.0.1:1177
08f4dc96bbb7af09d1a37fe35c75a42f
-
reg_key
08f4dc96bbb7af09d1a37fe35c75a42f
-
splitter
|'|'|
Targets
-
-
Target
897e9a05e4275fe0a5597b918540a55a6a58558bde11400b6565f466285e1c09
-
Size
29KB
-
MD5
7a5879743116ac6ec42719b1e9569908
-
SHA1
be79ab851ffac147cdbba39eb7415e253b2c00cb
-
SHA256
897e9a05e4275fe0a5597b918540a55a6a58558bde11400b6565f466285e1c09
-
SHA512
e78e665b8fafefe5985c6c164c0069a8d2a30651cc88f28ef773451f2e69e671fa5d8ddd3834dea36c7fb387593c9c46860d29a28a214b1d524a70b175470283
-
SSDEEP
384:GlWjNl7XNRoWGVulRVJ5zaImGmqDcI6ewdGBsbh0w4wlAokw9OhgOL1vYRGOZzkf:Gu7ToWGVKhcI4qN6exBKh0p29SgRMVd
Score10/10-
njRAT/Bladabindi
Widely used RAT written in .NET.
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-