General

  • Target

    5db86fb856358127144e89c13b8c876c

  • Size

    226KB

  • Sample

    240115-wkz5caddf8

  • MD5

    5db86fb856358127144e89c13b8c876c

  • SHA1

    560119b955ab085a683feaeb06b4997d0199b2c2

  • SHA256

    f953e944392115d3161167729f8f8fd7fa8b4a34924183d34a78e49ae5d1fd77

  • SHA512

    117376601c30e944b765ac5a8c0448c49480d5ee3121d11200545714307033650a622980bc2027366c762e787599b012366c0baca2591de67f8e40fcb0c75879

  • SSDEEP

    6144:Zxu797V7CvkziWkXAIBtEUetFTZdXTZdHXTZdXTZNY0jzV5f44:7O9h7ukziWy9EUKFTZdXTZdHXTZdXTZb

Score
10/10

Malware Config

Extracted

  • Family

    njrat

  • Version

    v2.0

  • Botnet

    HacKed

  • C2

    d3dx-botnet.portmap.host:7276

  • Mutex

    Windows

Attributes
  • reg_key

    Windows

  • splitter

    |-F-|

Targets

    • Target

      5db86fb856358127144e89c13b8c876c

    • Size

      226KB

    Score
    10/10
    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Drops startup file

    • Suspicious use of SetThreadContext
