Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2884-6-0x00000000003C0000-0x000000000075E000-memory.dmp
-
Size
3.6MB
-
Sample
240122-b33yqsebh8
-
MD5
a69084241977103f8b75e5d6017aae54
-
SHA1
282dbf898a141698f9fb816954dc9e55ebc48fc7
-
SHA256
0ae541ea31f52e638d1d7376a7045295cde1f725f3df97b50965aa83f5aa891f
-
SHA512
3e8483510bb53147a1587d140942a5bede2015d57ef38573d51bd20ca9d1e0dc3a25e91b6af10dd7a206ad03222c50b8789bdc970af9f78ea6c41246fbd6bdd3
-
SSDEEP
49152:+YxljcboTrIq3enc4N63afq3Um9u+xU5cj7e4Jxlm:+YxpGyIpnjc1U6j7e4Je
Behavioral task
behavioral1
Sample
2884-6-0x00000000003C0000-0x000000000075E000-memory.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2884-6-0x00000000003C0000-0x000000000075E000-memory.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
njrat
v2.0
HacKed
7.tcp.eu.ngrok.io:10369
Windows
-
reg_key
Windows
-
splitter
|-F-|
Targets
-
-
Target
2884-6-0x00000000003C0000-0x000000000075E000-memory.dmp
-
Size
3.6MB
-
MD5
a69084241977103f8b75e5d6017aae54
-
SHA1
282dbf898a141698f9fb816954dc9e55ebc48fc7
-
SHA256
0ae541ea31f52e638d1d7376a7045295cde1f725f3df97b50965aa83f5aa891f
-
SHA512
3e8483510bb53147a1587d140942a5bede2015d57ef38573d51bd20ca9d1e0dc3a25e91b6af10dd7a206ad03222c50b8789bdc970af9f78ea6c41246fbd6bdd3
-
SSDEEP
49152:+YxljcboTrIq3enc4N63afq3Um9u+xU5cj7e4Jxlm:+YxpGyIpnjc1U6j7e4Je
Score7/10-
Drops startup file
-
Legitimate hosting services abused for malware hosting/C2
-