General
Target: 7P7DYQVc.exe
Size: 23KB
Sample: 210118-tnaye7c7rn
MD5: d350b0d6462773a8f98d60ec7ca993fe
SHA1: a8eced99a403074fd6be13a579df9a35acb7acf9
SHA256: 0e798055549a18d74a4c26621e5925883c55a33f2be16cb4b79eeefd40c9dd0c
SHA512: 4105c6a027a7e9b89f08cc635ea6cefab8f3c270b9ddb7915ef0232084cad96a1df3b328f97be653f7d5ccaa457396450d2189269ddf9379b24c5b182ca9e567
Static task: static1
Behavioral task: behavioral1
Sample: 7P7DYQVc.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 7P7DYQVc.exe
Resource: win10v20201028
Malware Config
Extracted
njrat
Blue
AntiBot
anti.kro.kr:7
bd8a83ed8b02d3c995a02f159f9c2953
reg_key: bd8a83ed8b02d3c995a02f159f9c2953
splitter: |'|'|
Targets
Target: 7P7DYQVc.exe
Score: 10/10
Executes dropped EXE
Modifies Windows Firewall
Drops startup file
Loads dropped DLL
Adds Run key to start application