General
-
Target
b62b55b6ffff01b6540348967c9f7b1361ffb5e860c2559ad00ef77036685277
-
Size
26KB
-
Sample
210228-ykzymn4kws
-
MD5
043335fcd3a8b4b6d85861b9e5c27b74
-
SHA1
567bb55395160fd165bdd6ba17176399cb54bc58
-
SHA256
b62b55b6ffff01b6540348967c9f7b1361ffb5e860c2559ad00ef77036685277
-
SHA512
426521fc7888079b97e91a3a4d4b1bcc29f5bc0a914ded979970f3b22c625866c26123ff9f0c6baca85abb5fbd5e9b0d053277402d111b343fc11b87fba93529
Static task
static1
Behavioral task
behavioral1
Sample
b62b55b6ffff01b6540348967c9f7b1361ffb5e860c2559ad00ef77036685277.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
b62b55b6ffff01b6540348967c9f7b1361ffb5e860c2559ad00ef77036685277.exe
Resource
win10v20201028
Malware Config
Extracted
njrat
0.7d
HacKed
192.168.7.108:1177
017c060db3a2fd47416ea61ee39f9282
-
reg_key
017c060db3a2fd47416ea61ee39f9282
-
splitter
|'|'|
Targets
-
-
Target
b62b55b6ffff01b6540348967c9f7b1361ffb5e860c2559ad00ef77036685277
-
Size
26KB
-
MD5
043335fcd3a8b4b6d85861b9e5c27b74
-
SHA1
567bb55395160fd165bdd6ba17176399cb54bc58
-
SHA256
b62b55b6ffff01b6540348967c9f7b1361ffb5e860c2559ad00ef77036685277
-
SHA512
426521fc7888079b97e91a3a4d4b1bcc29f5bc0a914ded979970f3b22c625866c26123ff9f0c6baca85abb5fbd5e9b0d053277402d111b343fc11b87fba93529
Score10/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-