General
Target: 8bc16349fad1dd201cf7929eb7ae7fce.exe
Size: 1.1MB
Sample: 210904-yvebqsedh7
MD5: 8bc16349fad1dd201cf7929eb7ae7fce
SHA1: 8a4eeb9c27e09c9e970f63731f9137013ad83c19
SHA256: c8ad2a5b3da748a73f4ba9497f5d7674735f93716b9454fea5db13c7d5d0ee68
SHA512: b7fba6f2c4694ff7c48c3b136c37a3f456e1bcf9a5aeb32fcd3eb9b51dcfe2f8ab1c2d0242a6ce0e1f7c75c9fa45d11c6a36ea46cc91e56fcabfa4e966f9f5c3
Static task: static1
Behavioral task: behavioral1
Sample: 8bc16349fad1dd201cf7929eb7ae7fce.exe
Resource: win7-en
Behavioral task: behavioral2
Sample: 8bc16349fad1dd201cf7929eb7ae7fce.exe
Resource: win10v20210408
Malware Config
Extracted
njrat
v2.0
TAX_MON_30_08
37.120.141.158:18892
Windows
reg_key: Windows
splitter: |-F-|
Targets
Target
8bc16349fad1dd201cf7929eb7ae7fce.exe
Score: 10/10
Drops startup file
Adds Run key to start application
Suspicious use of SetThreadContext