General
-
Target
c5e2d8b234f4c2b2db29eba11e18a75c
-
Size
388KB
-
Sample
201214-s6ln2kcns6
-
MD5
c5e2d8b234f4c2b2db29eba11e18a75c
-
SHA1
6c88462bf8c577b1a6fc304f2724491736b56be5
-
SHA256
9f85eb5b1e7b261c9a7a1cd793badff334e84942ed652f09a0fc7d83008fe621
-
SHA512
dab93f487e09c14aaed8f32814d94dfbac9fa9e1d076d730337ab3379058b0bdd012a86219146010e6060eab77b654a8815208a0d027e1cbb3b25b62876f5fa7
Static task
static1
Behavioral task
behavioral1
Sample
c5e2d8b234f4c2b2db29eba11e18a75c.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
c5e2d8b234f4c2b2db29eba11e18a75c.exe
Resource
win10v20201028
Malware Config
Extracted
njrat
0.7d
HacKed
karamnaser321.ddns.net:1177
0518517d1f621a093c3997945c521862
-
reg_key
0518517d1f621a093c3997945c521862
-
splitter
|'|'|
Targets
-
-
Target
c5e2d8b234f4c2b2db29eba11e18a75c
-
Size
388KB
-
MD5
c5e2d8b234f4c2b2db29eba11e18a75c
-
SHA1
6c88462bf8c577b1a6fc304f2724491736b56be5
-
SHA256
9f85eb5b1e7b261c9a7a1cd793badff334e84942ed652f09a0fc7d83008fe621
-
SHA512
dab93f487e09c14aaed8f32814d94dfbac9fa9e1d076d730337ab3379058b0bdd012a86219146010e6060eab77b654a8815208a0d027e1cbb3b25b62876f5fa7
Score10/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-