General
Target: b9c6c9838b6c8f0ee4142de9a4a15d79
Size: 31KB
Sample: 201214-zd126kvyq6
MD5: b9c6c9838b6c8f0ee4142de9a4a15d79
SHA1: 0b8facf9ac1e2c02f2cc719019e8f19225d25447
SHA256: 3f9c4d9047bbdb5f2c575c11c9b7d43e94a8053ec7a03318ce82fcac84d74b14
SHA512: 9aed75440268b61717356c9fec17022d5a08badc73036100b17437c2d959cc4fbd76cd13b1316c79a09c46a877939da40f1d0611fa6fa6915495eb0ae228fe0b
Static task: static1
Behavioral task: behavioral1
Sample: b9c6c9838b6c8f0ee4142de9a4a15d79.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: b9c6c9838b6c8f0ee4142de9a4a15d79.exe
Resource: win10v20201028
Malware Config
Extracted
njrat
0.7d
SQLi Dumper
osbios.net:3129
b3bb675697aae6a94367e8803b763fc4
reg_key: b3bb675697aae6a94367e8803b763fc4
splitter: Y262SUCZ4UJJ
Targets
Score: 10/10
Executes dropped EXE
Modifies Windows Firewall
Drops startup file
Loads dropped DLL
Adds Run key to start application