General
Target: 53ff7f325392759ad23ecff401bf6534
Size: 307KB
Sample: 231219-s854qaggbq
MD5: 53ff7f325392759ad23ecff401bf6534
SHA1: c3dd5b7fde858765da3c5412fad797e3e1a0c9aa
SHA256: eea22615ac37aca1c2258c1283f397a6de1f24967bc9ccf649d81ccd1fd04a19
SHA512: 629503978bb475470c61c94fc509701fa58ec268be0c4bb65696b9d93bc4b53cf29b07d8de039c69e70958639176f5258e5be1f1875b07daa2e714735ecb8ca6
SSDEEP: 6144:0jbei1kGc+HGcPCaTk+4/b2lSd6tsLTXv4A3qssRF0gx5CR:0u+c+FPCaTkn2lSRLrgAapf0gx5CR
Static task: static1
Behavioral task: behavioral1
Sample: 53ff7f325392759ad23ecff401bf6534.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 53ff7f325392759ad23ecff401bf6534.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted
njrat
0.7.3
Hacked
6.tcp.eu.ngrok.io:15787
MILF.exe
reg_key: MILF.exe
splitter: 123
Targets
Score: 10/10
Drops startup file
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Suspicious use of SetThreadContext