Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0cf6e87898154ed27f222d8e419fdac46af83f56fdfd9cd98dd3ce0054425a51
-
Size
23KB
-
Sample
231022-bzmgksef93
-
MD5
4edcfd91cd4a027a231229628d916199
-
SHA1
41b00fe515d09eb782c60cec40a613dbb2aa9baa
-
SHA256
0cf6e87898154ed27f222d8e419fdac46af83f56fdfd9cd98dd3ce0054425a51
-
SHA512
97c90e13b0c3345cbc68e28b7f51753f68251237dc3b78a4c2ae69b02c32e70135c4f071fba2375e1d74de76bb6ee315004c68c9d461acc193f420a67f35e2be
-
SSDEEP
384:jslUlEvOEJ8xWwYJOMiOBZEdj1567gtwi5HhbQmRvR6JZlbw8hqIusZzZ79:0eEvwIlLMRpcnum
Malware Config
Extracted
njrat
0.7d
HacKed
127.0.0.1:3158
438ad8da930bb7c83b93f51aeb9fe2d1
-
reg_key
438ad8da930bb7c83b93f51aeb9fe2d1
-
splitter
|'|'|
Targets
-
-
Target
0cf6e87898154ed27f222d8e419fdac46af83f56fdfd9cd98dd3ce0054425a51
-
Size
23KB
-
MD5
4edcfd91cd4a027a231229628d916199
-
SHA1
41b00fe515d09eb782c60cec40a613dbb2aa9baa
-
SHA256
0cf6e87898154ed27f222d8e419fdac46af83f56fdfd9cd98dd3ce0054425a51
-
SHA512
97c90e13b0c3345cbc68e28b7f51753f68251237dc3b78a4c2ae69b02c32e70135c4f071fba2375e1d74de76bb6ee315004c68c9d461acc193f420a67f35e2be
-
SSDEEP
384:jslUlEvOEJ8xWwYJOMiOBZEdj1567gtwi5HhbQmRvR6JZlbw8hqIusZzZ79:0eEvwIlLMRpcnum
Score10/10-
njRAT/Bladabindi
Widely used RAT written in .NET.
-
Modifies Windows Firewall
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1