General
Target: 49c58fe5c75847250c7e5667e743777d34655ed41297acf072f8f7eb9db314cf
Size: 1009KB
Sample: 210830-ptg26y77es
MD5: 749ebef6c4ae90cf84e427ca29f2cc2d
SHA1: b51a6856f1539d5e1d38aba0212222ebc69e7922
SHA256: 49c58fe5c75847250c7e5667e743777d34655ed41297acf072f8f7eb9db314cf
SHA512: 62020030df7136c10495c79866d255e91033481c7be41173414e01f9bdcff4e139954c00a62db959ec123950afa8d8b18c324751500ed87f0236462985130115
Static task: static1
Behavioral task: behavioral1
Sample: 49c58fe5c75847250c7e5667e743777d34655ed41297acf072f8f7eb9db314cf.exe
Resource: win7v20210408
Malware Config
Extracted
njrat
0.7.3
Limebot3
microsoftdnsbug.duckdns.org:6699
Client.exe
reg_key: Client.exe
splitter: luffy
Targets
Executes dropped EXE
Suspicious use of SetThreadContext
autoit_exe: AutoIT scripts compiled to PE executables.