General
-
Target
10fb9346fd965b69c8aa00c9350988d18364857f65ff7e123263a67667413228
-
Size
1009KB
-
Sample
210830-2nbxw8aet6
-
MD5
d9f91cf3867b5e6f3317cca8f692bba2
-
SHA1
4268621ec31573e752ee3d54e38ac4ce870adbff
-
SHA256
10fb9346fd965b69c8aa00c9350988d18364857f65ff7e123263a67667413228
-
SHA512
a3899187814da50dad5e4ed5f46d461887edb9e2d11c7b3938f2c80886a7f2aa2fb22db656e13cb12530d9d935a70cf2eac7d2f0bfe4d92ecd22200cffda1d30
Static task
static1
Behavioral task
behavioral1
Sample
10fb9346fd965b69c8aa00c9350988d18364857f65ff7e123263a67667413228.exe
Resource
win7v20210408
Malware Config
Extracted
njrat
0.7.3
Limebot3
microsoftdnsbug.duckdns.org:6699
Client.exe
-
reg_key
Client.exe
-
splitter
luffy
Targets
-
-
Target
10fb9346fd965b69c8aa00c9350988d18364857f65ff7e123263a67667413228
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-
autoit_exe
AutoIT scripts compiled to PE executables.
-