General
-
Target
61163a9b3febd6b69af13b15889783cd
-
Size
4.5MB
-
Sample
240116-2vb36accaq
-
MD5
61163a9b3febd6b69af13b15889783cd
-
SHA1
8074b6aa3235abdd74b297c49a6a2d9e125803cf
-
SHA256
b1bdc2d7698615f452b9719b25429d90e688878e5b01b08ad32a164e755493a3
-
SHA512
2b3c516f5e57fe155ff95fa6e60c61e3c60788f25a18cebcd42262f0cd5e7cbd6f035767c841adbb5ff8cb7d3595ca70519e2e71eb393d4f616d57f4f36880d4
-
SSDEEP
98304:nviz/27qWGq/TzuqCDl2Ptao7jazHMNl28cGSbf:nviq75/TzufdQNlcf
Static task
static1
Behavioral task
behavioral1
Sample
61163a9b3febd6b69af13b15889783cd.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
61163a9b3febd6b69af13b15889783cd.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
njrat
0.7d
HacKed
inforhack.ddns.net:2040
39bd3bca5134dd3873886412992a52a5
-
reg_key
39bd3bca5134dd3873886412992a52a5
-
splitter
|'|'|
Targets
Score
10/10
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)