General
Target: tools.exe
Size: 31KB
Sample: 210803-a4xdcgtj6s
MD5: 49b8f905867aded45f1f5b3c9bd84209
SHA1: 0a87788428778dba567623ccc9be6825eba4b7c7
SHA256: 02883009e7e310bf670bff6336cb6c05c5ecfe0b40274a99b769e8fbfae19ad3
SHA512: 1c9d2b7bb3948ad8f3cae541602575b9eacc2a212ab0a6e7c148a24a72e36986e4c46d646244837dc3ea7c71f3db90629f7ee68ef18565d67f93d1f801308361
Static task: static1
Behavioral task: behavioral1
Sample: tools.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: tools.exe
Resource: win10v20210410
Malware Config
Extracted
njrat
0.7d
HACK
43.229.151.64:5552
6825da1e045502b22d4b02d4028214ab
reg_key: 6825da1e045502b22d4b02d4028214ab
splitter: Y262SUCZ4UJJ
Targets
Target: tools.exe
Score: 10/10
Executes dropped EXE
Modifies Windows Firewall
Drops startup file
Loads dropped DLL
Adds Run key to start application