Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    NEAS.645550c42c7ebdd91141943376998910.exe

  • Size

    337KB

  • Sample

    231103-nvfvfshe7v

  • MD5

    645550c42c7ebdd91141943376998910

  • SHA1

    3de61240a44d9f5a7041d190cc120dad451d58a2

  • SHA256

    e29c24dabaa6b74251eacc2e44696866e4a6e2b3fdda5b1dd8f3b2ecbe22ef30

  • SHA512

    309701f1a3667966b589c0b4f8e11adc8b72b21050bdf0f215c83a6553e6a98fa16c8c05d93144a8b1916986a7c9517899b1786d531671ff92f319f6cd54f5fb

  • SSDEEP

    3072:Ay4yv9H5xlwLvLLFFFoIhWjvgYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:VHzlyGv1+fIyG5jZkCwi8r

Malware Config

Targets

    • Target

      NEAS.645550c42c7ebdd91141943376998910.exe

    • Size

      337KB

    • MD5

      645550c42c7ebdd91141943376998910

    • SHA1

      3de61240a44d9f5a7041d190cc120dad451d58a2

    • SHA256

      e29c24dabaa6b74251eacc2e44696866e4a6e2b3fdda5b1dd8f3b2ecbe22ef30

    • SHA512

      309701f1a3667966b589c0b4f8e11adc8b72b21050bdf0f215c83a6553e6a98fa16c8c05d93144a8b1916986a7c9517899b1786d531671ff92f319f6cd54f5fb

    • SSDEEP

      3072:Ay4yv9H5xlwLvLLFFFoIhWjvgYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:VHzlyGv1+fIyG5jZkCwi8r

    • Adds autorun key to be loaded by Explorer.exe on startup

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks