Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

462c936210...b7.exe

windows7-x64

8

462c936210...b7.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    462c93621089c577de624767fee930b7.exe

  • Size

    93KB

  • Sample

    240811-hr3l6azcjm

  • MD5

    462c93621089c577de624767fee930b7

  • SHA1

    28ba8fa8451acb8da97626b02721c9c7698b6315

  • SHA256

    66a7c6538eff28587daeb73436b616207e89aa0c6e8c59e15d07f203f4efef21

  • SHA512

    ad3be15d0f142f9f7d339a9d00f835a64ec40e608f5907f3fe18ccdc98d75d357376b17a0721204566f5c78d21699616446a8cdd89fa6b7fb11dfeace41f72f0

  • SSDEEP

    1536:6URs5p8k2HGjTpL5HoTjEwzGi1dD9DigS:6Ubk2HGjtL5IYi1dRH

Score
10/10
njrathackeddiscoveryevasionpersistenceprivilege_escalation

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

hakim32.ddns.net:2000

java-stupid.gl.at.ply.gg:29578
Mutex

347ab0e42da845bc7cae6cb42d8190db

Attributes
  • reg_key

    347ab0e42da845bc7cae6cb42d8190db

  • splitter

    |'|'|

Targets

    • Target

      462c93621089c577de624767fee930b7.exe

    • Size

      93KB

    • MD5

      462c93621089c577de624767fee930b7

    • SHA1

      28ba8fa8451acb8da97626b02721c9c7698b6315

    • SHA256

      66a7c6538eff28587daeb73436b616207e89aa0c6e8c59e15d07f203f4efef21

    • SHA512

      ad3be15d0f142f9f7d339a9d00f835a64ec40e608f5907f3fe18ccdc98d75d357376b17a0721204566f5c78d21699616446a8cdd89fa6b7fb11dfeace41f72f0

    • SSDEEP

      1536:6URs5p8k2HGjTpL5HoTjEwzGi1dD9DigS:6Ubk2HGjtL5IYi1dRH

    Score
    8/10
    discoveryevasionpersistenceprivilege_escalation

    • Modifies Windows Firewall

      evasion

    • Drops startup file

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks