General
-
Target
Vrz7skDd.exe
-
Size
23KB
-
Sample
201223-zdh2c8yfg2
-
MD5
d53632afb8714caff16ff790a2799cd4
-
SHA1
2b156be1603ee3f615d3727c6d28d30b44821869
-
SHA256
0cf5a7646bb4033425811d5d0a1432d229c87e4850228be4ca5493fcaf2c0c3a
-
SHA512
97f2dbb993100d414de977f1bbed851acec1d766f2593038f926f11d3d1d75d82ef6fda136feb12392023defe5c5abc991037900d8101a29f68c11db9a074012
Static task
static1
Behavioral task
behavioral1
Sample
Vrz7skDd.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Vrz7skDd.exe
Resource
win10v20201028
Malware Config
Extracted
njrat
0.7d
ابن سوريا A_B_N_SYRIA
xoruf.ddns.net:5552
5e3a65ea61324e81c313ed04d0316f69
-
reg_key
5e3a65ea61324e81c313ed04d0316f69
-
splitter
@!#&^%$
Targets
-
-
Target
Vrz7skDd.exe
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-