Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Worm.Win32.Ngrbot.buvj-12067132490a2ba849efa6.dll
-
Size
1.3MB
-
Sample
221230-tj34habb7s
-
MD5
3d28307ea99a1c0266356e1eadbd0e51
-
SHA1
f02d7d39bbac8f71a0f4575a42dcf3001cd3baa4
-
SHA256
12067132490a2ba849efa610c68bad9f411bb92d5e2594737f8922e650be5fda
-
SHA512
c861a989563a1a98cbb16d0c7c867d76563195d82afd03c6c8208e1e75756231e6f9073d90923513b83dcf6660c5edcd9a0f387c933092e0eba822ffa887e8b1
-
SSDEEP
24576:O8FPicUZ6n4mAsAT4cYazgwzri7eGTtk5m:F+qaVHi7eGT65
Behavioral task
behavioral1
Sample
Worm.Win32.Ngrbot.buvj-12067132490a2ba849efa6.dll
Resource
win7-20220812-en
Malware Config
Extracted
danabot
4
192.236.161.79:443
37.220.31.27:443
-
embedded_hash
7FF0AA10AB3BA961670646D23EAE3911
-
type
loader
Targets
-
-
Target
Worm.Win32.Ngrbot.buvj-12067132490a2ba849efa6.dll
-
Size
1.3MB
-
MD5
3d28307ea99a1c0266356e1eadbd0e51
-
SHA1
f02d7d39bbac8f71a0f4575a42dcf3001cd3baa4
-
SHA256
12067132490a2ba849efa610c68bad9f411bb92d5e2594737f8922e650be5fda
-
SHA512
c861a989563a1a98cbb16d0c7c867d76563195d82afd03c6c8208e1e75756231e6f9073d90923513b83dcf6660c5edcd9a0f387c933092e0eba822ffa887e8b1
-
SSDEEP
24576:O8FPicUZ6n4mAsAT4cYazgwzri7eGTtk5m:F+qaVHi7eGT65
-
Danabot Loader Component
-
Blocklisted process makes network request
-