General

  • Target

    2884-6-0x00000000003C0000-0x000000000075E000-memory.dmp

  • Size

    3.6MB

  • Sample

    240122-b33yqsebh8

  • MD5

    a69084241977103f8b75e5d6017aae54

  • SHA1

    282dbf898a141698f9fb816954dc9e55ebc48fc7

  • SHA256

    0ae541ea31f52e638d1d7376a7045295cde1f725f3df97b50965aa83f5aa891f

  • SHA512

    3e8483510bb53147a1587d140942a5bede2015d57ef38573d51bd20ca9d1e0dc3a25e91b6af10dd7a206ad03222c50b8789bdc970af9f78ea6c41246fbd6bdd3

  • SSDEEP

    49152:+YxljcboTrIq3enc4N63afq3Um9u+xU5cj7e4Jxlm:+YxpGyIpnjc1U6j7e4Je

Score
10/10

Malware Config

Extracted

Family

njrat

Version

v2.0

Botnet

HacKed

C2

7.tcp.eu.ngrok.io:10369

Mutex

Windows

Attributes
  • reg_key

    Windows

  • splitter

    |-F-|

Targets

    • Target

      2884-6-0x00000000003C0000-0x000000000075E000-memory.dmp

    • Size

      3.6MB

    Score
    7/10
    • Drops startup file

    • Legitimate hosting services abused for malware hosting/C2
