General
-
Target
F794A2B479B5DF7571D9C79138EB73EB.exe
-
Size
23KB
-
Sample
210330-jjyb9741ra
-
MD5
f794a2b479b5df7571d9c79138eb73eb
-
SHA1
55b11be9883a188d61ae11656f1a17ec01affff8
-
SHA256
1858e8e2878d8a4a9dd2052cdc076c2b1dbca4e0419687e06df583a00ab6935f
-
SHA512
c3acc87422c96a50e67c7e997926e7339239dd19f2815f57182e27a49031229940b02c6e891f7cc13d65db7bef3c825960cd60ce4dfd88b7da6d0f3c7f9c32fc
Static task
static1
Behavioral task
behavioral1
Sample
F794A2B479B5DF7571D9C79138EB73EB.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
F794A2B479B5DF7571D9C79138EB73EB.exe
Resource
win10v20201028
Malware Config
Extracted
njrat
0.7d
asd
0.tcp.ngrok.io:11970
93b7bd3974316734da67dbeccae43cab
-
reg_key
93b7bd3974316734da67dbeccae43cab
-
splitter
|'|'|
Targets
-
-
Target
F794A2B479B5DF7571D9C79138EB73EB.exe
-
Size
23KB
-
MD5
f794a2b479b5df7571d9c79138eb73eb
-
SHA1
55b11be9883a188d61ae11656f1a17ec01affff8
-
SHA256
1858e8e2878d8a4a9dd2052cdc076c2b1dbca4e0419687e06df583a00ab6935f
-
SHA512
c3acc87422c96a50e67c7e997926e7339239dd19f2815f57182e27a49031229940b02c6e891f7cc13d65db7bef3c825960cd60ce4dfd88b7da6d0f3c7f9c32fc
Score10/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-