General

  • Target

    NjRat 0.7D Green Edition by im523.exe

  • Size

    2.5MB

  • Sample

    240721-rndy3avgqm

  • MD5

    db03ed78b35220d0a178d0c4cba27e76

  • SHA1

    ba576c67c78c680e2f8c5375d294b5dbd7c3250e

  • SHA256

    42b9c295089c7cf9141f5d0a40a1155cfd3627888579473f8c9b80e8e3ea1c48

  • SHA512

    c272cfef5199450c903443ae3259191d1ecfd8795854e297aef36c819af8887233419b98bb54e5e5894846a1454c398991487547191c66de00881c31e6d1ae93

  • SSDEEP

    49152:LJNiJe3T1/rgMVwPpIGGHgoQhLL2RWNbftLLQPFfO5SSOp:LJNReMVmILHg3gMQSjO

Targets

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Creates new service(s)

    • Stops running service(s)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Suspicious use of SetThreadContext
