General
Target: 033d72d6e8bb60eb73c0f2d728190205.exe
Size: 1.1MB
Sample: 240122-bz9bcaebc5
MD5: 033d72d6e8bb60eb73c0f2d728190205
SHA1: 4448197bcf0ec719069586fb177e21b0b025c002
SHA256: e589a6a7a03642ccedf7b1a6d5dd1b72e3a12f9fa9d3bdd35da0ae02c9878c09
SHA512: 4bdb68d56a5019d57cd1a0f44cd9fda0f74baccde9412f3bdd95c6dde031e28769a427240bad2c6f7254fcf9db32875d5498b9955e09b5bc20d18d2aa327b95b
SSDEEP: 24576:+kL5gmvyAFCBaqNcbQ9GL7qSp+sAhXZMGZerZxG:+k+EbCafso7FVEZvZmD
Static task: static1
Behavioral task: behavioral1
Sample: 033d72d6e8bb60eb73c0f2d728190205.exe
Resource: win7-20231129-en
Malware Config
Extracted
njrat
v2.0
HacKed
7.tcp.eu.ngrok.io:10369
Windows
-
reg_key
Windows
-
splitter
|-F-|
Targets
-
-
Target
033d72d6e8bb60eb73c0f2d728190205.exe
-
Drops startup file
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-