General
-
Target
5916EAC72F7396EDFF49CAD9DCD8D80C.exe
-
Size
120KB
-
Sample
210901-rmaabn9ma2
-
MD5
5916eac72f7396edff49cad9dcd8d80c
-
SHA1
8e49c5a46c86c239ea314513ef80e0e275541e19
-
SHA256
b13fbd200b38f02c0278e54483e641a2cfb41acd1a90bed78ac8791d0c1cf5b2
-
SHA512
e584db22f6f01714f32061846d4ee26e400889c984aef744a73a66a5f4b1a6bace6906f55b48bb45a7aaa8677f0a51b8aabc9536216632abaa0480983038dff9
Static task
static1
Behavioral task
behavioral1
Sample
5916EAC72F7396EDFF49CAD9DCD8D80C.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
5916EAC72F7396EDFF49CAD9DCD8D80C.exe
Resource
win10-en
Malware Config
Extracted
njrat
v2.0
HacKed
107.152.99.41:54893
Windows
-
reg_key
Windows
-
splitter
|-F-|
Targets
-
-
Target
5916EAC72F7396EDFF49CAD9DCD8D80C.exe
-
Size
120KB
-
MD5
5916eac72f7396edff49cad9dcd8d80c
-
SHA1
8e49c5a46c86c239ea314513ef80e0e275541e19
-
SHA256
b13fbd200b38f02c0278e54483e641a2cfb41acd1a90bed78ac8791d0c1cf5b2
-
SHA512
e584db22f6f01714f32061846d4ee26e400889c984aef744a73a66a5f4b1a6bace6906f55b48bb45a7aaa8677f0a51b8aabc9536216632abaa0480983038dff9
Score10/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Drops startup file
-
Adds Run key to start application
-