General
Target: B1jjiJCc.exe
Size: 23KB
Sample: 201228-a79cqsqyrs
MD5: 28a8a52dca43eb1e4fa40ef3b91ca37d
SHA1: 0d1cd0ee19cc993e9e7f52522795a7aa7afd1e44
SHA256: ea5e746e22a5fea7fe514f9324088f98e6b7f7ad6c97ec972ab2667cb440ee41
SHA512: 3fb983b2e77dbf1f71587ccae00fde3341acb07cd3339b123acbaabbacbb5956bac5784f5443c7bbb631cec771967fb723263afbc99961f20bb96c126dd60b92
Static task: static1
Behavioral task: behavioral1
Sample: B1jjiJCc.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: B1jjiJCc.exe
Resource: win10v20201028
Malware Config
Extracted
njrat
0.7d
HacKed
xoruf.ddns.net:5552
1178e84f8817063764244d77a8a9d851
reg_key: 1178e84f8817063764244d77a8a9d851
splitter: @!#&^%$
Targets
Target: B1jjiJCc.exe
Score: 10/10
Executes dropped EXE
Modifies Windows Firewall
Drops startup file
Loads dropped DLL
Adds Run key to start application