Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Ratka.exe
-
Size
37KB
-
Sample
240612-gwf4aasfkh
-
MD5
f82ab1b6c91dbfc8a1fc643f3c10922b
-
SHA1
5088dc1515bf6cedfbea693bdf0d897e25345775
-
SHA256
3ba782f1ddf9b091232171b072b30dd145090d02cbb16f6ed816e14e35885285
-
SHA512
def496bca5a0cc7957d726d02409372885292690618ae5a13c44e6921fb7de72e5ec8e1855a2cb1de9d4cc1d77be01f3e7d65889b17bf41f00cea12d6b6f805e
-
SSDEEP
384:VmOq0IiejvCVLO309QmykrtG+dA+Vd7wvOSiKrAF+rMRTyN/0L+EcoinblneHQMi:XLdGdkrgYH7wWS9rM+rMRa8Nu9+Ot
Behavioral task
behavioral1
Sample
Ratka.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
Ratka.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
njrat
im523
HacKed
0.tcp.eu.ngrok.io:11331
166eee41ae0e0f4544d895f9671505cf
-
reg_key
166eee41ae0e0f4544d895f9671505cf
-
splitter
|'|'|
Targets
-
-
Target
Ratka.exe
-
Size
37KB
-
MD5
f82ab1b6c91dbfc8a1fc643f3c10922b
-
SHA1
5088dc1515bf6cedfbea693bdf0d897e25345775
-
SHA256
3ba782f1ddf9b091232171b072b30dd145090d02cbb16f6ed816e14e35885285
-
SHA512
def496bca5a0cc7957d726d02409372885292690618ae5a13c44e6921fb7de72e5ec8e1855a2cb1de9d4cc1d77be01f3e7d65889b17bf41f00cea12d6b6f805e
-
SSDEEP
384:VmOq0IiejvCVLO309QmykrtG+dA+Vd7wvOSiKrAF+rMRTyN/0L+EcoinblneHQMi:XLdGdkrgYH7wWS9rM+rMRa8Nu9+Ot
Score8/10-
Modifies Windows Firewall
-
Legitimate hosting services abused for malware hosting/C2
-