General
-
Target
5bf23d17dde3b16d144bb5f163de6668e8417ca0413ea3c452c98471ea4b5a07
-
Size
212KB
-
Sample
210228-eswrk4ntqe
-
MD5
56e36007e69bf07cfd244cb8d4ea1768
-
SHA1
4bbca8de8ff9f1a6ce6427a082e072826df6d2fe
-
SHA256
5bf23d17dde3b16d144bb5f163de6668e8417ca0413ea3c452c98471ea4b5a07
-
SHA512
0cdca52f9ecae4485f08c407cb766a9cf2516b95f0aed0dd53fca2cceb5671d8b47fa48c9d1f01b73560e490bb6e341a54a83ef610ef546d9b12ff185035c04b
Static task
static1
Behavioral task
behavioral1
Sample
5bf23d17dde3b16d144bb5f163de6668e8417ca0413ea3c452c98471ea4b5a07.exe
Resource
win7v20201028
Malware Config
Extracted
njrat
0.7d
HacKed
127.0.0.1:5552
165d6ed988ac1dbec1627a1ca9899d84
-
reg_key
165d6ed988ac1dbec1627a1ca9899d84
-
splitter
|'|'|
Targets
-
-
Target
5bf23d17dde3b16d144bb5f163de6668e8417ca0413ea3c452c98471ea4b5a07
-
Modifies Windows Firewall
-
Suspicious use of SetThreadContext
-