Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

Sound Blas...ix.exe

windows7-x64

Sound Blas...ix.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Sound Blaster creative set-up.fix.exe

  • Size

    202KB

  • Sample

    240707-qgnz1sshkj

  • MD5

    69e54877c8aee907efaad8e96ffa8bad

  • SHA1

    fa005fa2f233fb07c0a58b06b0c88610164097a8

  • SHA256

    83b491f66cbcc39a71daff3cb9f2e6228a77959aebdf6a87b4c95f884de588a4

  • SHA512

    db4d864dd8ae525b48941491ff257e8eee64ba93cdf1e9fd96a21d124bc01dfe660fe9451a87cb306964c2966854a0626d5f777bb35aec47c83c5956f2f4b917

  • SSDEEP

    3072:9nx83hRxFJiN09QcRD21e+/2EIjcvlCHQnDPvrcUPn6+byteiYD8+YdzNrj:FCxiN0f1fcvlCwnDbvytDYo7

Score
10/10
njratevasionexecutionpersistencetrojan

Malware Config

Targets

    • Target

      Sound Blaster creative set-up.fix.exe

    • Size

      202KB

    • MD5

      69e54877c8aee907efaad8e96ffa8bad

    • SHA1

      fa005fa2f233fb07c0a58b06b0c88610164097a8

    • SHA256

      83b491f66cbcc39a71daff3cb9f2e6228a77959aebdf6a87b4c95f884de588a4

    • SHA512

      db4d864dd8ae525b48941491ff257e8eee64ba93cdf1e9fd96a21d124bc01dfe660fe9451a87cb306964c2966854a0626d5f777bb35aec47c83c5956f2f4b917

    • SSDEEP

      3072:9nx83hRxFJiN09QcRD21e+/2EIjcvlCHQnDPvrcUPn6+byteiYD8+YdzNrj:FCxiN0f1fcvlCwnDbvytDYo7

    Score
    10/10
    njratevasionexecutionpersistencetrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Stops running service(s)

      evasionexecution

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks