Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
New Project 1.exe
-
Size
25.8MB
-
Sample
250124-zjzc7syqbp
-
MD5
62790fdc3f6c5f9f39ff7ebda6f39dbc
-
SHA1
83c77e11d19a2a9112aa6e0949b1fce818626116
-
SHA256
413a21a22075b24b4d3874c42b7d558ab874b9155b4f9a2ae164737fb0d4c0ff
-
SHA512
842930b471b88be82fe535666517e4b39b73e12f7fc0bead3abfe6a791fdcf2e45f5766b7af8c2341e41f9413314bd3d72d79af67c894e5d52d72abb28f3804d
-
SSDEEP
393216:i05l6ltjvQ9zsDsxDWXHuiqYZH1nhrpSW0i3RhKNku8E+:+lt7QxxDW+jYvhWy678E
Malware Config
Targets
-
-
Target
New Project 1.exe
-
Size
25.8MB
-
MD5
62790fdc3f6c5f9f39ff7ebda6f39dbc
-
SHA1
83c77e11d19a2a9112aa6e0949b1fce818626116
-
SHA256
413a21a22075b24b4d3874c42b7d558ab874b9155b4f9a2ae164737fb0d4c0ff
-
SHA512
842930b471b88be82fe535666517e4b39b73e12f7fc0bead3abfe6a791fdcf2e45f5766b7af8c2341e41f9413314bd3d72d79af67c894e5d52d72abb28f3804d
-
SSDEEP
393216:i05l6ltjvQ9zsDsxDWXHuiqYZH1nhrpSW0i3RhKNku8E+:+lt7QxxDW+jYvhWy678E
Score10/10-
Njrat family
-
njRAT/Bladabindi
Widely used RAT written in .NET.
-
Modifies Windows Firewall
-
Drops startup file
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Impair Defenses
1Disable or Modify System Firewall
1Modify Registry
1