Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

chrome.exe

windows7-x64

8

chrome.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dd7e2fc0e741939eda7f92c201d02a289fdadb18b42f7d0e6a55ec77d46a4cf6

  • Size

    37KB

  • Sample

    221125-3aeh8aea82

  • MD5

    1807fcf631e15e9d8bf934272fb3c8ee

  • SHA1

    a59b436b58469b1ac1669f26fc2d856e81091937

  • SHA256

    dd7e2fc0e741939eda7f92c201d02a289fdadb18b42f7d0e6a55ec77d46a4cf6

  • SHA512

    3a37a1ce38e39c7baed0637a2d8e622a63f7da7059432d932ca1c516caf1b395058145a5ca99d60b419a6c2be267267966cd7a966e6b25193a016b2d0263b46c

  • SSDEEP

    768:ApcDORdf5fAWfJxdJFRrUxrewOf+mbepVwO6dBuf9mrPt9kWojG:JDgxuWfJLket5DCorP3k9jG

Score
10/10
njratrezhwanhachevasion

Malware Config

Extracted

Family

njrat

Version

0.6.4

Botnet

rezhwanhach

C2

rezhwanhack.noip.me:1194

Mutex

d5a38e9b5f206c41f8851bf04a251d26

Attributes
  • reg_key

    d5a38e9b5f206c41f8851bf04a251d26

  • splitter

    |'|'|

Targets

    • Target

      chrome.exe

    • Size

      120KB

    • MD5

      978d9c2bef2e61503734411dff1b6d57

    • SHA1

      a35e43c01957fcc989707dc059433d0c3774f5f1

    • SHA256

      9b07816bdd653b96cc345dc013db13b16707a64fd68a78ef43e1db78f25480b0

    • SHA512

      1e8819a4696825a680991b53460bdfc1c5c9ce969bc6828123fa1baa22c34ecbdf57fdc24d0e9573ba7f8fddef8d58fa358d40eee7c99271c5d22531dc2bb797

    • SSDEEP

      1536:b7j6kJFKhG29jZ97jr+64JF91AcN4cMgGylloMbj82dNJytxvfiWHtaEvRwW:T6MMA29LS64L91dLytdfZHtaEvd

    Score
    8/10
    evasion

    • Modifies Windows Firewall

      evasion

    • Drops startup file

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks