Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
545e859b915fecc8c9d2130d9dc8901805f73105679f10051b0d12c5328c1e92N.exe
-
Size
257KB
-
Sample
250123-lf8wkstqav
-
MD5
77242a466504bd3927ff85fe230a6d90
-
SHA1
30d335e6c0525044e7ab6196d3f202dd64db6e57
-
SHA256
545e859b915fecc8c9d2130d9dc8901805f73105679f10051b0d12c5328c1e92
-
SHA512
48272a63b1115c447509e81311b700b334f2cd5bb2a701280b2414d5e12d9159c6f8cdf01e80ab9e5877741d7b6584979376d15271cfe6efd0c341238cc24290
-
SSDEEP
6144:vY4AymXSWEM1TOzeUh6+/Igohbkk5S98B:v7S5H1izlX9oOGB
Malware Config
Targets
-
-
Target
545e859b915fecc8c9d2130d9dc8901805f73105679f10051b0d12c5328c1e92N.exe
-
Size
257KB
-
MD5
77242a466504bd3927ff85fe230a6d90
-
SHA1
30d335e6c0525044e7ab6196d3f202dd64db6e57
-
SHA256
545e859b915fecc8c9d2130d9dc8901805f73105679f10051b0d12c5328c1e92
-
SHA512
48272a63b1115c447509e81311b700b334f2cd5bb2a701280b2414d5e12d9159c6f8cdf01e80ab9e5877741d7b6584979376d15271cfe6efd0c341238cc24290
-
SSDEEP
6144:vY4AymXSWEM1TOzeUh6+/Igohbkk5S98B:v7S5H1izlX9oOGB
Score10/10-
Njrat family
-
njRAT/Bladabindi
Widely used RAT written in .NET.
-
Modifies Windows Firewall
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1