General
-
Target
f44b014fde675419cf4c666a600aa312fccb57be890e12a03b2019d74fe4b1ca
-
Size
1009KB
-
Sample
210830-shfhhxeeb6
-
MD5
48f6e580a94cf841c495afa5c50e96a6
-
SHA1
e50a3a337524a6a3a638ed33828fda110bbd8d3a
-
SHA256
f44b014fde675419cf4c666a600aa312fccb57be890e12a03b2019d74fe4b1ca
-
SHA512
3fbef618e474b76feb407b44a892e59c391b09ca6e6c13d589144fe4edee2892101cbf4234075c66d0d2707614c5f4ca5709f0d99459150f1a3fbd66b19abab0
Static task
static1
Behavioral task
behavioral1
Sample
f44b014fde675419cf4c666a600aa312fccb57be890e12a03b2019d74fe4b1ca.exe
Resource
win7v20210408
Malware Config
Extracted
njrat
0.7.3
Limebot3
microsoftdnsbug.duckdns.org:6699
Client.exe
-
reg_key
Client.exe
-
splitter
luffy
Targets
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-
autoit_exe
AutoIT scripts compiled to PE executables.
-