General
Target: ba01ead08a32fdc4048df2a6cd555663.exe
Size: 37KB
Sample: 240112-snfckaaddq
MD5: ba01ead08a32fdc4048df2a6cd555663
SHA1: d4e659802b1c9c473c4072cc2450bb31e7719547
SHA256: 43bdfc9704b3cf395af87f2bee4d8e06ba314e99a545b32a5416249744dc6961
SHA512: 8d46a022386cb81225a2964f0d885b63842f2ba0bb5bdea8e323be81d429efbcdf5705a9c8e353e544edf1e816968a336c2f8759c66038adb47cbab59a46c7f4
SSDEEP: 384:MySvEiTbTvpWNcZ0y8fvCv3v3cLkacparAF+rMRTyN/0L+EcoinblneHQM3epzXU:tS7TZ38fvCv3E1cQrM+rMRa8Nuzat
Behavioral task: behavioral1
Sample: ba01ead08a32fdc4048df2a6cd555663.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: ba01ead08a32fdc4048df2a6cd555663.exe
Resource: win10v2004-20231222-en
Malware Config
Extracted
njrat
im523
HacKed
4.tcp.eu.ngrok.io:15595
7d59e96b56ce3e3efefe1898b2888670
reg_key: 7d59e96b56ce3e3efefe1898b2888670
splitter: |'|'|
Targets
Target: ba01ead08a32fdc4048df2a6cd555663.exe
Score: 8/10
Modifies Windows Firewall
Drops startup file
Legitimate hosting services abused for malware hosting/C2