General
Target: 871b20e693b58df30618496d38fb42f2
Size: 23KB
Sample: 201214-ql77k11k4s
MD5: 871b20e693b58df30618496d38fb42f2
SHA1: 3c716ae7a3c6a1fbc899c02494e4b28f0fa89798
SHA256: fc770e2c74b4fb0f91bb0558acddf824bf51fed39b1301259da236eda4e4c14b
SHA512: dab50adc78ea36e22e2c1fe9bfb7bcdcbcbe424080b067df11bb7126c70ff532a87f6ea7971e0f83117940b0da1a763047089b13e0dab094b946d0403d0e2c09
Static task: static1
Behavioral task: behavioral1
Sample: 871b20e693b58df30618496d38fb42f2.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 871b20e693b58df30618496d38fb42f2.exe
Resource: win10v20201028
Malware Config
Extracted
njrat
0.7d
LOL
jhk254jhser.duckdns.org:5552
53f926e3c693e306bb11fa9f5f456113
reg_key: 53f926e3c693e306bb11fa9f5f456113
splitter: |'|'|
Targets
Target: 871b20e693b58df30618496d38fb42f2
Score: 10/10
Executes dropped EXE
Modifies Windows Firewall
Drops startup file
Loads dropped DLL
Adds Run key to start application