General
-
Target
2356-6-0x00000000011D0000-0x000000000156E000-memory.dmp
-
Size
3.6MB
-
Sample
240122-b252psdfer
-
MD5
46d156805aa817451ba3d63fba89c6a1
-
SHA1
72a798031148fe3a4294a38fba002383d0d1932d
-
SHA256
032bf8ca29fd50d241d0640d5a83befd655b345e68d0ee5527d22a2a969fb6ec
-
SHA512
9d45b599b18c4ce006dcb4899732ca5da9e9780937b14a8e4d4fc5537d55ffa30dfafb5358547910f432b122606a9304c2e570476f4eae6972f0a609d73175e6
-
SSDEEP
49152:yZBN7/oqhTZIy3WpRcUt83Wfq3Um9u+xU5cj7e4Jxlm:0BNTPXIlPxc1U6j7e4Je
Behavioral task
behavioral1
Sample
2356-6-0x00000000011D0000-0x000000000156E000-memory.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2356-6-0x00000000011D0000-0x000000000156E000-memory.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
njrat
v2.0
HacKed
7.tcp.eu.ngrok.io:10369
Windows
-
reg_key
Windows
-
splitter
|-F-|
Targets
-
-
Target
2356-6-0x00000000011D0000-0x000000000156E000-memory.dmp
-
Score
7/10
-
Drops startup file
-
Legitimate hosting services abused for malware hosting/C2
-