General
Target: 1VG2GyDy.exe
Size: 23KB
Sample: 201223-2f94b684ts
MD5: 3ec3b32cc2f8d5b71b8a697840633170
SHA1: 23bbf2d4a77abc01eb5af83e8ae120d4ae36b9fa
SHA256: 476679732c3c164813c683fb7e6f75ef6e4cb314250a4227421ce7dced010eb3
SHA512: ad7160f26a3aec4c71572c5a77d0193810ba1f2d09b476a21c38aed4ed3a49f9737b3085fe8b5e81bd9219cfdd3e83790a44fb2b9930b97e0e3d4cd8b40d59d3
Static task: static1
Behavioral task: behavioral1
Sample: 1VG2GyDy.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 1VG2GyDy.exe
Resource: win10v20201028
Malware Config
Extracted
njrat
0.7d
HacKed
103.45.182.184:5552
3a731f9a5537d3d4edee6a499ba30e6b
reg_key: 3a731f9a5537d3d4edee6a499ba30e6b
splitter: |'|'|
Targets
Target: 1VG2GyDy.exe
Score: 10/10
Executes dropped EXE
Modifies Windows Firewall
Loads dropped DLL
Adds Run key to start application