General
Target: dfd682d846b7bafdf130893d385c8d5a4fcc64d1c1b81e114e46e8deb08ae664
Size: 1009KB
Sample: 210830-y1gxjjwa7x
MD5: ea90ca0befdcfe335987659cf032f1d0
SHA1: f6e334b13c3bf75a37a5af17a4d3ea193a77e6fa
SHA256: dfd682d846b7bafdf130893d385c8d5a4fcc64d1c1b81e114e46e8deb08ae664
SHA512: 5f45a82c52bbc384c53d40fcf50b1193ca1500c382c37a0b0a0c08b3e7c62b63c8b98e6327592e524b01b953ea4c63949f882988d7a6386ab08ad231c9cb2098
Static task: static1
Behavioral task: behavioral1
Sample: dfd682d846b7bafdf130893d385c8d5a4fcc64d1c1b81e114e46e8deb08ae664.exe
Resource: win7v20210408
Malware Config
Extracted
njrat
0.7.3
Limebot3
microsoftdnsbug.duckdns.org:6699
Client.exe
reg_key: Client.exe
splitter: luffy
Targets
Executes dropped EXE
Suspicious use of SetThreadContext
autoit_exe: AutoIT scripts compiled to PE executables.