Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

JaffaCakes...60.exe

windows7-x64

10

JaffaCakes...60.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_35a6a33753c12a8813dc8363658cd560

  • Size

    95KB

  • Sample

    250106-xytp6avmdt

  • MD5

    35a6a33753c12a8813dc8363658cd560

  • SHA1

    b8c83cd1253db8c2a193914c4f25c81e9ce9de00

  • SHA256

    a5d0c41be8101d26ada31b8fbaf3527c726ae65fc65f703d59c15c2426dc3698

  • SHA512

    734964d9be9c564b2af16a0f8a26eb72ffdb75fbe8511b6ad7a4be8545f5ae10c58690f09fe661be7f2b42d71cb22265b892f33344703b81293ba6a07c062dfe

  • SSDEEP

    1536:8+ZQMGdeUwljEoKayOxdcJx7OXMHwhkVfjobkZKQ5x1AkSpoHHNLHieBb:8+ZQMtU9Jx7OXMHwhkVfjobkZKQ5x1DT

Score
10/10
njratscammerdiscoveryevasionpersistenceprivilege_escalationtrojan

Malware Config

Extracted

Family

njrat

Version

0.6.4

Botnet

scammer

C2

oxy01.linkpc.net:1177

Mutex

08f4dc96bbb7af09d1a37fe35c75a42f

Attributes
  • reg_key

    08f4dc96bbb7af09d1a37fe35c75a42f

  • splitter

    |'|'|

Targets

    • Target

      JaffaCakes118_35a6a33753c12a8813dc8363658cd560

    • Size

      95KB

    • MD5

      35a6a33753c12a8813dc8363658cd560

    • SHA1

      b8c83cd1253db8c2a193914c4f25c81e9ce9de00

    • SHA256

      a5d0c41be8101d26ada31b8fbaf3527c726ae65fc65f703d59c15c2426dc3698

    • SHA512

      734964d9be9c564b2af16a0f8a26eb72ffdb75fbe8511b6ad7a4be8545f5ae10c58690f09fe661be7f2b42d71cb22265b892f33344703b81293ba6a07c062dfe

    • SSDEEP

      1536:8+ZQMGdeUwljEoKayOxdcJx7OXMHwhkVfjobkZKQ5x1AkSpoHHNLHieBb:8+ZQMtU9Jx7OXMHwhkVfjobkZKQ5x1DT

    Score
    10/10
    njratscammerdiscoveryevasionpersistenceprivilege_escalationtrojan

    • Njrat family

      njrat

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.