Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2aad7f7edf...51.exe

windows7-x64

10

2aad7f7edf...51.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2aad7f7edf402c984b9470586e8676190a72c59ccd8a232d5010eece7e85d451.exe

  • Size

    23KB

  • Sample

    240928-j5e9fswajr

  • MD5

    feca5b6e403c966c33da5dc364a3693d

  • SHA1

    29b456da0f41924d4ddc9117332fc2a44bfda6cb

  • SHA256

    2aad7f7edf402c984b9470586e8676190a72c59ccd8a232d5010eece7e85d451

  • SHA512

    400196e5f3fa0d47eb30726c61cd15e55e80a062be93968eb3aa459be1c9bbd0c7f3c944e1a57cc64fa8280069aee39ef635642a64dd1ff9b96d52f5b1f2b831

  • SSDEEP

    384:5sqS+ER6vRKXGYKRWVSujUtX9w6Dglo61Z5DVmRvR6JZlbw8hqIusZzZ7DU:yf65K2Yf1jKRpcnukU

Score
10/10
njrathackeddiscoveryevasionpersistenceprivilege_escalationtrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

myhotkkk444.duckdns.org:4444

Mutex

c760fcd136526bb1a5afbbf5d7e84b71

Attributes
  • reg_key

    c760fcd136526bb1a5afbbf5d7e84b71

  • splitter

    |'|'|

Targets

    • Target

      2aad7f7edf402c984b9470586e8676190a72c59ccd8a232d5010eece7e85d451.exe

    • Size

      23KB

    • MD5

      feca5b6e403c966c33da5dc364a3693d

    • SHA1

      29b456da0f41924d4ddc9117332fc2a44bfda6cb

    • SHA256

      2aad7f7edf402c984b9470586e8676190a72c59ccd8a232d5010eece7e85d451

    • SHA512

      400196e5f3fa0d47eb30726c61cd15e55e80a062be93968eb3aa459be1c9bbd0c7f3c944e1a57cc64fa8280069aee39ef635642a64dd1ff9b96d52f5b1f2b831

    • SSDEEP

      384:5sqS+ER6vRKXGYKRWVSujUtX9w6Dglo61Z5DVmRvR6JZlbw8hqIusZzZ7DU:yf65K2Yf1jKRpcnukU

    Score
    10/10
    njratdiscoveryevasionpersistenceprivilege_escalationtrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks