Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
dobro.exe
-
Size
151KB
-
Sample
230630-m1zn3shh5s
-
MD5
a443234e456bbc4a78605ab336e7d7f6
-
SHA1
3ce499b7866a684755ae6b38980438719bff784b
-
SHA256
723d4e16788b240cd61087fe9b70d3f6e60117d0b7af0e242457a77541e277ce
-
SHA512
4fdfb874d9db98058709ce72bb7ca8b9dad2307f168ee2aae225ecc26fec33f5c41ceaa67d61ad6617181ccb85a237283e75cb6f43a74051155ec8c0d7fdbcd1
-
SSDEEP
3072:klgjq8s+yJueAjVd1nut+uV2mTVDjFwkWl176jZ1hCagdgvPW:WgjqARVdRQ/vqkg1gEagdgH
Behavioral task
behavioral1
Sample
dobro.exe
Resource
win7-20230621-en
Behavioral task
behavioral2
Sample
dobro.exe
Resource
win10v2004-20230621-en
Malware Config
Extracted
njrat
im523
HacKed_CrosSs
5.101.21.20:1555
4742a84879c01b0661392ad95615a345
-
reg_key
4742a84879c01b0661392ad95615a345
-
splitter
|'|'|
Targets
-
-
Target
dobro.exe
-
Size
151KB
-
MD5
a443234e456bbc4a78605ab336e7d7f6
-
SHA1
3ce499b7866a684755ae6b38980438719bff784b
-
SHA256
723d4e16788b240cd61087fe9b70d3f6e60117d0b7af0e242457a77541e277ce
-
SHA512
4fdfb874d9db98058709ce72bb7ca8b9dad2307f168ee2aae225ecc26fec33f5c41ceaa67d61ad6617181ccb85a237283e75cb6f43a74051155ec8c0d7fdbcd1
-
SSDEEP
3072:klgjq8s+yJueAjVd1nut+uV2mTVDjFwkWl176jZ1hCagdgvPW:WgjqARVdRQ/vqkg1gEagdgH
Score10/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-