Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
62c4df631a57d58d85da1ec220c415e0837882624455c8665dcf03b596d3aed4
-
Size
29KB
-
Sample
221125-zz8ltaab7s
-
MD5
b293c34c4df6b7567124976285d46765
-
SHA1
0d582233200777ddef915fc6247f3b80e96c83e2
-
SHA256
62c4df631a57d58d85da1ec220c415e0837882624455c8665dcf03b596d3aed4
-
SHA512
72f8903ee970b55332341a264097a4542fafd7ca59d82f4ad1f2ef15cd8010c469b2458aa59652b25a464f470cb1d713c2047e95c7d33a3dfc5394d3b0a693b4
-
SSDEEP
384:gx8EBl7Bvgk4Xe0exn5RhVNaemqDq9xrefTGBsbh0w4wlAokw9OhgOL1vYRGOZzu:gN7Kk4XePlFzsq+xre6BKh0p29SgRJo
Malware Config
Extracted
njrat
0.6.4
HacKed
kamaly.myq-see.com:1177
36d7a02fbca41f608c4baf27f6374668
-
reg_key
36d7a02fbca41f608c4baf27f6374668
-
splitter
|'|'|
Targets
-
-
Target
62c4df631a57d58d85da1ec220c415e0837882624455c8665dcf03b596d3aed4
-
Size
29KB
-
MD5
b293c34c4df6b7567124976285d46765
-
SHA1
0d582233200777ddef915fc6247f3b80e96c83e2
-
SHA256
62c4df631a57d58d85da1ec220c415e0837882624455c8665dcf03b596d3aed4
-
SHA512
72f8903ee970b55332341a264097a4542fafd7ca59d82f4ad1f2ef15cd8010c469b2458aa59652b25a464f470cb1d713c2047e95c7d33a3dfc5394d3b0a693b4
-
SSDEEP
384:gx8EBl7Bvgk4Xe0exn5RhVNaemqDq9xrefTGBsbh0w4wlAokw9OhgOL1vYRGOZzu:gN7Kk4XePlFzsq+xre6BKh0p29SgRJo
Score10/10-
njRAT/Bladabindi
Widely used RAT written in .NET.
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-