Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
судуыешфд с.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
судуыешфд с.exe
Resource
win10v2004-20231215-en
General
-
Target
судуыешфд с.exe
-
Size
134KB
-
MD5
503f3a5d4022a3b571b08e10e54dd1cf
-
SHA1
82a127195cce3a5315fb3e809ca0c57e38f9f996
-
SHA256
0bf5b69ec22efaf0227f0579074bcf0b1d4b33403eb1bf9b4ca286d85b0893ef
-
SHA512
21d9ae1e4cf09fb605df13165c462c79b79a4e8a98ef4387b2c8a76b8bfbeef00b78d05703b035bfa123809b5b0cb87c1ac31799d88e71d9f524bf18cf7c825d
-
SSDEEP
3072:FV28wLn+yJpxUKKA8foBVaM8SKfbzxcwg7es6/Vsb8VKTu:K8wqZKGgBdUhcX7elbKTu
Malware Config
Extracted
njrat
im523
HacKed
7.tcp.eu.ngrok.io:16362
eaa19211a94c8cffb531abfc08c0b590
-
reg_key
eaa19211a94c8cffb531abfc08c0b590
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource судуыешфд с.exe
Files
-
судуыешфд с.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 98KB - Virtual size: 97KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ