Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
4f11fe373c27b39ff2eba9f951eec263f10a6d16fce7eefa5d979180859d0c3a
-
Size
23KB
-
Sample
221123-yf1anach9z
-
MD5
bc3b47fecbf0e80808958e62fbc59a13
-
SHA1
9b23b03fc5190fd5b1af5b8f9d5d55f4450f7b13
-
SHA256
4f11fe373c27b39ff2eba9f951eec263f10a6d16fce7eefa5d979180859d0c3a
-
SHA512
d046409001437f142f592634078ee7dc7414eef3dba539d11434fea0be3c50881809244426ac6f965d88f2f850f257dfb109e42ec0095947eb6559bc79c1e60c
-
SSDEEP
384:7QeCo2zmZbQHkJeCdUwBvQ61gjuQBnB9mRvR6JZlbw8hqIusZzZhV:85yBVd7Rpcnus
Malware Config
Extracted
njrat
0.7d
HacKed
xtracker81.no-ip.org:1990
8b74ececc3fc6b7e3b7d1ea01fe47d6c
-
reg_key
8b74ececc3fc6b7e3b7d1ea01fe47d6c
-
splitter
|'|'|
Targets
-
-
Target
4f11fe373c27b39ff2eba9f951eec263f10a6d16fce7eefa5d979180859d0c3a
-
Size
23KB
-
MD5
bc3b47fecbf0e80808958e62fbc59a13
-
SHA1
9b23b03fc5190fd5b1af5b8f9d5d55f4450f7b13
-
SHA256
4f11fe373c27b39ff2eba9f951eec263f10a6d16fce7eefa5d979180859d0c3a
-
SHA512
d046409001437f142f592634078ee7dc7414eef3dba539d11434fea0be3c50881809244426ac6f965d88f2f850f257dfb109e42ec0095947eb6559bc79c1e60c
-
SSDEEP
384:7QeCo2zmZbQHkJeCdUwBvQ61gjuQBnB9mRvR6JZlbw8hqIusZzZhV:85yBVd7Rpcnus
Score10/10-
njRAT/Bladabindi
Widely used RAT written in .NET.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-