General
Target: b1004609dd4604c78068f0f2ab7f2448b36259fedcb92043fd03cfaf46d3be5f
Size: 1009KB
Sample: 210830-vh3kpexztj
MD5: 36963af4e87778f45b39091bc6592eef
SHA1: 459d5abc7cc856e4cfc5cde82d97c7b5c5cb0011
SHA256: b1004609dd4604c78068f0f2ab7f2448b36259fedcb92043fd03cfaf46d3be5f
SHA512: 85f18e57f7655030c752072bd3605d41d6b391d109d7a9626cbb922aee3b71852fa295c7b010595e0353bc11c58b6463132def3e460572bb40ccb87665121a15
Static task: static1
Behavioral task: behavioral1
Sample: b1004609dd4604c78068f0f2ab7f2448b36259fedcb92043fd03cfaf46d3be5f.exe
Resource: win7v20210408
Malware Config
Extracted
njrat
0.7.3
Limebot3
microsoftdnsbug.duckdns.org:6699
Client.exe
reg_key: Client.exe
splitter: luffy
Targets
Target: b1004609dd4604c78068f0f2ab7f2448b36259fedcb92043fd03cfaf46d3be5f
Executes dropped EXE
Suspicious use of SetThreadContext
autoit_exe: AutoIT scripts compiled to PE executables.