General
-
Target
084Fxy9f.exe
-
Size
182KB
-
Sample
201223-wd213rys92
-
MD5
03f42fa4bb4551157d493df896904f6d
-
SHA1
70fc59125cde458b573fa3394e95b50ae08c0728
-
SHA256
782818678a45e29fa285a560b0e3cb2aa9cd766fbeb228cf97eabdb712a03008
-
SHA512
a39669af4a3bdfc853c458272c19171f90075f9debc833a7f3b29f67604c67522f9d9bca33ff9aa0bda3d8c50c4b1db8468b4894b05c58935998d5586d8dced2
Static task
static1
Behavioral task
behavioral1
Sample
084Fxy9f.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
084Fxy9f.exe
Resource
win10v20201028
Malware Config
Extracted
njrat
0.7d
HacKed
154.202.3.84:5552
c0792765cb20555a6d17a1641ac2d34e
-
reg_key
c0792765cb20555a6d17a1641ac2d34e
-
splitter
|'|'|
Targets
-
-
Target
084Fxy9f.exe
-
Size
182KB
-
MD5
03f42fa4bb4551157d493df896904f6d
-
SHA1
70fc59125cde458b573fa3394e95b50ae08c0728
-
SHA256
782818678a45e29fa285a560b0e3cb2aa9cd766fbeb228cf97eabdb712a03008
-
SHA512
a39669af4a3bdfc853c458272c19171f90075f9debc833a7f3b29f67604c67522f9d9bca33ff9aa0bda3d8c50c4b1db8468b4894b05c58935998d5586d8dced2
Score10/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-