General
Target: 993cfb1428ec0efdbab42445515ccce6
Size: 71KB
Sample: 210901-k7kjkr4xla
MD5: 993cfb1428ec0efdbab42445515ccce6
SHA1: 9355f52cec2091d8ea34e00ca8866bdb9a8ad909
SHA256: 255234ff22cd6f3ea61d6f3c5242965ec12d7573b7cf7868d59587d5073216c9
SHA512: 839100476195b9a69106379fbd8680c8dad65ffb5b9d4dddf32a8cbc40e1211055489d508d611db5133cdb4889569319bf13af1d29992ce8f25f842874c7820e
Static task: static1
Behavioral task: behavioral1
Sample: 993cfb1428ec0efdbab42445515ccce6.exe
Resource: win7-en
Malware Config
Extracted
njrat
0.7NC
NYAN CAT
envirat.duckdns.org:3013
6de17d5355fa43eca7e
reg_key: 6de17d5355fa43eca7e
splitter: @!#&^%$
Targets
-
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
-
Downloads MZ/PE file
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-