General
-
Target
0eac2b7a8bc6e887fd9b8e0a8371f755
-
Size
23KB
-
Sample
201214-dl4m56m83e
-
MD5
0eac2b7a8bc6e887fd9b8e0a8371f755
-
SHA1
f507b89f8c3e335f548216a9ce9d6dd778451b40
-
SHA256
1299622eef5b6945e51617274abbade793a7de8cd2fb21d5c3830aeb6e32ee73
-
SHA512
400c0bd0554aeac55fc65c3f2dd9849b1515f621d53079d4fd43eaa8cfa4c9c01adf0fbd9b8da5456a03c97cf34ebb1f1ffde7913bac7514778d43ad06dda520
Static task
static1
Behavioral task
behavioral1
Sample
0eac2b7a8bc6e887fd9b8e0a8371f755.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
0eac2b7a8bc6e887fd9b8e0a8371f755.exe
Resource
win10v20201028
Malware Config
Extracted
njrat
0.7d
word
127.0.0.1:5552
423f911702a6d9f50203acbcc3b5f95e
-
reg_key
423f911702a6d9f50203acbcc3b5f95e
-
splitter
|'|'|
Targets
-
-
Target
0eac2b7a8bc6e887fd9b8e0a8371f755
-
Size
23KB
-
MD5
0eac2b7a8bc6e887fd9b8e0a8371f755
-
SHA1
f507b89f8c3e335f548216a9ce9d6dd778451b40
-
SHA256
1299622eef5b6945e51617274abbade793a7de8cd2fb21d5c3830aeb6e32ee73
-
SHA512
400c0bd0554aeac55fc65c3f2dd9849b1515f621d53079d4fd43eaa8cfa4c9c01adf0fbd9b8da5456a03c97cf34ebb1f1ffde7913bac7514778d43ad06dda520
Score10/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-