General
-
Target
6aa41422717869166e3c3fca64a6282b
-
Size
1.2MB
-
Sample
201214-qtlgsvgrke
-
MD5
6aa41422717869166e3c3fca64a6282b
-
SHA1
cda8fe84bb2841ec7e541651411228e779a81696
-
SHA256
9b33e4cbdb866cf26e5d30d6929b86f01b21eb9e78996237565ba1e088160893
-
SHA512
48e25773818f13f14f4183af0273d9ffc2254801323d4351ce5843df2dba3e926c4acc52ede87e0952e7abea27d8199c18f5a73e3e1188451f45ffe24dfffeef
Static task
static1
Behavioral task
behavioral1
Sample
6aa41422717869166e3c3fca64a6282b.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
6aa41422717869166e3c3fca64a6282b.exe
Resource
win10v20201028
Malware Config
Extracted
njrat
0.7d
Lammer
magraotm.ddns.net:1177
dd3191152a7e6633d26d1d8422e4e214
-
reg_key
dd3191152a7e6633d26d1d8422e4e214
-
splitter
|'|'|
Targets
Score
10/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-