Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

549a4bc7d1...2N.exe

windows7-x64

10

549a4bc7d1...2N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    549a4bc7d1952189ee961ea96a4b6e936d3c1ebe2303bc3ef8a8dff200600b92N.exe

  • Size

    71KB

  • MD5

    5715b6cce13bf186a655c5aa14df2100

  • SHA1

    d6d7747a90222e87020ebeff55afefdebde46ebe

  • SHA256

    549a4bc7d1952189ee961ea96a4b6e936d3c1ebe2303bc3ef8a8dff200600b92

  • SHA512

    7945e9318809ba5700965ccbf2172f804546204d45f627c695e0b3abaa3f47e3684b0406eb7f477851763f22fabb1fa0a79c449fe8c92d513050a2a099b8ca19

  • SSDEEP

    1536:KFBwImo1lyoWSlqejUiX5f2F0iZ+J9QLXHQ/HVM4brcJtiBfKMt9PMlAaF9bC1:zTOXWLX2VM4iq9PhaF9bC

Score
10/10
victimnjrat

Malware Config

Extracted

Family

njrat

Version

Platinum

Botnet

Victim

C2

kgbhostpro.duckdns.org:963

Mutex

svchost.exe

Attributes
  • reg_key

    svchost.exe

  • splitter

    |Ghost|

Signatures

  • Njrat family
    njrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 549a4bc7d1952189ee961ea96a4b6e936d3c1ebe2303bc3ef8a8dff200600b92N.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections