Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
73a2d271f4b6cc3e4c32148efb7cdbf3
-
Size
863KB
-
Sample
240125-d7qv3sfdf8
-
MD5
73a2d271f4b6cc3e4c32148efb7cdbf3
-
SHA1
550fe66935f84711afd25b562d8c58d1e54f5306
-
SHA256
092a9a5a2dae728331834b73af9602e7602fc70954e512778a3cce3a3ccfac79
-
SHA512
3ee536886a5f000eefd18a3dd9dcbb8fe9f1a7e13e1236796b8dfc85c77b8c12c768cde9cd75fbef6c4695a9c719ac9abd62dc96f8dcfb87f3ae71ba7ca1073d
-
SSDEEP
12288:p4lsXvtCcmVVXzzn4PJAahPl/QEdIMiVbHydEIJnJWUgaF7Q67Rq9MmCS:p4lavt0LkLL9IMixoEgeaZhRq9MmCS
Static task
static1
Behavioral task
behavioral1
Sample
73a2d271f4b6cc3e4c32148efb7cdbf3.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
73a2d271f4b6cc3e4c32148efb7cdbf3.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
njrat
0.7d
HacKed
10.10.10.10:5552
0dc24807523d3cd24b54cd0996e4c49b
-
reg_key
0dc24807523d3cd24b54cd0996e4c49b
-
splitter
|'|'|
Targets
-
-
Target
73a2d271f4b6cc3e4c32148efb7cdbf3
-
Size
863KB
-
MD5
73a2d271f4b6cc3e4c32148efb7cdbf3
-
SHA1
550fe66935f84711afd25b562d8c58d1e54f5306
-
SHA256
092a9a5a2dae728331834b73af9602e7602fc70954e512778a3cce3a3ccfac79
-
SHA512
3ee536886a5f000eefd18a3dd9dcbb8fe9f1a7e13e1236796b8dfc85c77b8c12c768cde9cd75fbef6c4695a9c719ac9abd62dc96f8dcfb87f3ae71ba7ca1073d
-
SSDEEP
12288:p4lsXvtCcmVVXzzn4PJAahPl/QEdIMiVbHydEIJnJWUgaF7Q67Rq9MmCS:p4lavt0LkLL9IMixoEgeaZhRq9MmCS
Score10/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1