Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1102b76e764dbb7e3978258f47eeaaee10429ba18de626d116913056185c35e4
-
Size
23KB
-
Sample
221128-amds8sef5x
-
MD5
21dab2d70a43dc5b058f6e711f4c8526
-
SHA1
0b6080334661692c432eb36a0a4e19b240d6b936
-
SHA256
1102b76e764dbb7e3978258f47eeaaee10429ba18de626d116913056185c35e4
-
SHA512
fb597f271298d6b8eb89969db7d6c8d5891f049525cf219eca96bb6f45e817bf9350bf5307d59b61092d4463818c99ceccec3ae4f14247fbd2c1431980b10317
-
SSDEEP
384:PzRWKCWs5Mx/YZPxvnjmQdFxH84GlQ6rgdAyZxLdmRvR6JZlbw8hqIusZzZNpa:PtmXAOvnjDdF9cRpcnud
Malware Config
Extracted
njrat
0.7d
BetaBotHERE
mytest12.no-ip.biz:1606
6f09905a9ba4915313ad7f7f5a7f11b9
-
reg_key
6f09905a9ba4915313ad7f7f5a7f11b9
-
splitter
|'|'|
Targets
-
-
Target
1102b76e764dbb7e3978258f47eeaaee10429ba18de626d116913056185c35e4
-
Size
23KB
-
MD5
21dab2d70a43dc5b058f6e711f4c8526
-
SHA1
0b6080334661692c432eb36a0a4e19b240d6b936
-
SHA256
1102b76e764dbb7e3978258f47eeaaee10429ba18de626d116913056185c35e4
-
SHA512
fb597f271298d6b8eb89969db7d6c8d5891f049525cf219eca96bb6f45e817bf9350bf5307d59b61092d4463818c99ceccec3ae4f14247fbd2c1431980b10317
-
SSDEEP
384:PzRWKCWs5Mx/YZPxvnjmQdFxH84GlQ6rgdAyZxLdmRvR6JZlbw8hqIusZzZNpa:PtmXAOvnjDdF9cRpcnud
Score10/10-
njRAT/Bladabindi
Widely used RAT written in .NET.
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-