General

  • Target

    xxx.exe

  • Size

    93KB

  • Sample

    240116-bbg7ysahh5

  • MD5

    252149789451414f180fe6573d769200

  • SHA1

    c03a42a83251319e4f51c113dafe4d9ee2c47885

  • SHA256

    2f6e2edaf8c2881e6cb3e993a57dc77bd6e21014569bf3a509e015eefc622a11

  • SHA512

    0a6f5e7782e855e86a4e920f2594b7341511b54bfbcdcc928ac1664dad6b90d835f4cb43dd6404e80b094e08f6e13d9069963cb1ab3ef60c0e94029c97b3642d

  • SSDEEP

    1536:4VwC+xhUa9urgOBPmNvM4jEwzGi1dDXDEgS:4VmUa9urgOkdGi1dH9

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

hakim32.ddns.net:2000

0.tcp.eu.ngrok.io:10363

Mutex

663efcb3323aa8480987cad2d2a44514

Attributes
  • reg_key

    663efcb3323aa8480987cad2d2a44514

  • splitter

    |'|'|

Targets

    • Target

      xxx.exe

    Score
    8/10
    • Disables Task Manager via registry modification

    • Modifies Windows Firewall

    • Legitimate hosting services abused for malware hosting/C2
