General
-
Target
063b9544262ae25393961c4f57a4e4c5a73032644d2a22ff423b8a53bc6c6a7d
-
Size
1009KB
-
Sample
210830-4snfxcbjbx
-
MD5
3b7e67075780219f65693e397fa721b8
-
SHA1
6cff74dcac65d345f10565268c95003854062f4a
-
SHA256
063b9544262ae25393961c4f57a4e4c5a73032644d2a22ff423b8a53bc6c6a7d
-
SHA512
cc5de66f5bab3054068de6e34ca2dff86ee9312036dd3b0d5f370f9821dfefc1c24d15e233000abfbf5da296726b43e14c4845a62428176636aab8bbf1d3f770
Static task
static1
Behavioral task
behavioral1
Sample
063b9544262ae25393961c4f57a4e4c5a73032644d2a22ff423b8a53bc6c6a7d.exe
Resource
win7v20210408
Malware Config
Extracted
njrat
0.7.3
Limebot3
microsoftdnsbug.duckdns.org:6699
Client.exe
-
reg_key
Client.exe
-
splitter
luffy
Targets
Executes dropped EXE
-
Suspicious use of SetThreadContext
-
autoit_exe
AutoIT scripts compiled to PE executables.
-