General
-
Target
29bc26c70ff98a045451952aa657e425
-
Size
23KB
-
Sample
201214-kblf44t9ze
-
MD5
29bc26c70ff98a045451952aa657e425
-
SHA1
c9e931e5ead070d6c888e4c90deb13d7c41a9c1c
-
SHA256
306291e8befd3ca365e5bee82db0222708b5be37947f4290a13aab004c1f85b0
-
SHA512
92bf4929a687c0c212fdcbf2bc2f3ebd5aea133137e9885c2636c8640eef30088f6c566b5e1baee6c48fe604e4398d563ad5aa597e35e5f3674f55af8d9e3fc6
Static task
static1
Behavioral task
behavioral1
Sample
29bc26c70ff98a045451952aa657e425.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
29bc26c70ff98a045451952aa657e425.exe
Resource
win10v20201028
Malware Config
Extracted
njrat
0.7d
VitimasTrojan
vitimascsgocheat.duckdns.org:1177
c549f415a1b907b683bd4b8685d5023f
-
reg_key
c549f415a1b907b683bd4b8685d5023f
-
splitter
|'|'|
Targets
-
-
Target
29bc26c70ff98a045451952aa657e425
Score
10/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-