Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

drweb.exe

windows7-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    drweb.exe

  • Size

    151KB

  • Sample

    230629-1cyc1afb84

  • MD5

    db5fa6ff80870f8041e0b31b00c43575

  • SHA1

    aa22dd900a62ce990080bd848567ba8239c397dc

  • SHA256

    59b5e11f75751ce321671ed65883c1d67cf4736bb07f43000215afd3a2def406

  • SHA512

    92bc1cfe2319055e93e8aa3ba647ffcdc4a1baea166871a9b8b09a0400273b719eed169f031a47166f9383d0022459f6d99229eddd7779f02768d70cfa10a0f7

  • SSDEEP

    3072:0Oj3YL2p+yJgNAjVd1nut+uV2mTVDjFwkWl176jZ1hCagdgvPW:L3YLfOVdRQ/vqkg1gEagdgH

Score
10/10
njrathackedevasiontrojan

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

127.0.0.1:5552

Mutex

08022291fe871213f172041da3b6ef33

Attributes
  • reg_key

    08022291fe871213f172041da3b6ef33

  • splitter

    |'|'|

Targets

    • Target

      drweb.exe

    • Size

      151KB

    • MD5

      db5fa6ff80870f8041e0b31b00c43575

    • SHA1

      aa22dd900a62ce990080bd848567ba8239c397dc

    • SHA256

      59b5e11f75751ce321671ed65883c1d67cf4736bb07f43000215afd3a2def406

    • SHA512

      92bc1cfe2319055e93e8aa3ba647ffcdc4a1baea166871a9b8b09a0400273b719eed169f031a47166f9383d0022459f6d99229eddd7779f02768d70cfa10a0f7

    • SSDEEP

      3072:0Oj3YL2p+yJgNAjVd1nut+uV2mTVDjFwkWl176jZ1hCagdgvPW:L3YLfOVdRQ/vqkg1gEagdgH

    Score
    10/10
    njrathackedevasiontrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks