General
-
Target
456-Invoice.tar
-
Size
168KB
-
Sample
210831-29dr6cdmss
-
MD5
40d40ff9bde90b3d2a1dc9c3baa28ef2
-
SHA1
2b6d3a816d490b41565ee19445a4221c978130da
-
SHA256
da09dcb834819e8acd123a7fb06e38c8dd584522753003cfa9d501df0a2b3a83
-
SHA512
b17161b558af25bab462cc21d2cae427b6f406a825b762d5a1d8e6b960243b1f4327d2336bbae142c70c995e4f20bee29e1df3c7ede691780956ae64d5fb67bf
Static task
static1
Behavioral task
behavioral1
Sample
456-Invoice.js
Resource
win7v20210408
Malware Config
Extracted
njrat
0.7.3
SUCCEED
194.5.97.156:7654
Client.exe
-
reg_key
Client.exe
-
splitter
0149266241@@@
Targets
-
-
Target
456-Invoice.js
-
Size
166KB
-
MD5
c000b245272ad81b74958689e4b3352e
-
SHA1
ce74042c88b852c6a5b00186096f0ce42afc38b6
-
SHA256
f19462db16c63e8c26095f8ee024340649e0b2cb26a9ba9d08691b6d01e4f2be
-
SHA512
f9b3f811a4be2bee356d9265d15a20a00d41b4a5933d8ab5adcf683ce23cab0ac0b6a7cbdbc97abb509385082aa038d11f1b4f8e502f61e6a42535bbd4df155c
-
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Drops startup file
-
Adds Run key to start application
-