Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2e29fc015c30f726fb2c8fe8a687638cd523ceeb51a79d068b45cd61ac1b00b4.exe
-
Size
39KB
-
Sample
241128-q62x6szjbw
-
MD5
b7bfb490147c56a3f3480101df954fa9
-
SHA1
faaf01d73a5c7e7a65c9553c1e9ff0d7256a2624
-
SHA256
2e29fc015c30f726fb2c8fe8a687638cd523ceeb51a79d068b45cd61ac1b00b4
-
SHA512
277ddfdb46fc81f00a76dc765562728737918b6f2f50def5d5201c730350c9c74a1632a3f6c884e7984271b088e6dd713763e6d856ceaf3819a63b07c5db9ee9
-
SSDEEP
768:VvASIisql251c6opnV0jZJ/s8B8RnVMZ8pBz3bdHUCRKSBsL+DEplyLnEI:inql2ncFpngZFsrKcZRKSCL+D+w9
Malware Config
Extracted
njrat
Platinum
loshara
127.0.0.1:80
Client.exe
-
reg_key
Client.exe
-
splitter
|Ghost|
Targets
-
-
Target
2e29fc015c30f726fb2c8fe8a687638cd523ceeb51a79d068b45cd61ac1b00b4.exe
-
Size
39KB
-
MD5
b7bfb490147c56a3f3480101df954fa9
-
SHA1
faaf01d73a5c7e7a65c9553c1e9ff0d7256a2624
-
SHA256
2e29fc015c30f726fb2c8fe8a687638cd523ceeb51a79d068b45cd61ac1b00b4
-
SHA512
277ddfdb46fc81f00a76dc765562728737918b6f2f50def5d5201c730350c9c74a1632a3f6c884e7984271b088e6dd713763e6d856ceaf3819a63b07c5db9ee9
-
SSDEEP
768:VvASIisql251c6opnV0jZJ/s8B8RnVMZ8pBz3bdHUCRKSBsL+DEplyLnEI:inql2ncFpngZFsrKcZRKSCL+D+w9
Score10/10-
Njrat family
-
njRAT/Bladabindi
Widely used RAT written in .NET.
-
Drops startup file
-
Adds Run key to start application
-