General
-
Target
9f6fdc5e19242853318ccf433ca5288f4869fc045fde7.exe
-
Size
167KB
-
Sample
210906-14l42sbee4
-
MD5
0bcb7b5e42fc664c49a25df679fd3e62
-
SHA1
c1287a05d381069a06bcf716657ce1a38d9fd95e
-
SHA256
9f6fdc5e19242853318ccf433ca5288f4869fc045fde761b931a8bc8b8ac70d7
-
SHA512
d7929e9faa699e305f1b9502d8c6bd69cf3a66729517d9c511c621479a22bde06ec3bfca542cd3dee5548c8ebf0e3454d3cab29828c6117847e9c9536cf924be
Static task
static1
Behavioral task
behavioral1
Sample
9f6fdc5e19242853318ccf433ca5288f4869fc045fde7.exe
Resource
win7v20210408
Malware Config
Extracted
njrat
62.33.159.162:5674
26c50014115b430
-
reg_key
26c50014115b430
-
splitter
@!#&^%$
Targets
-
-
Target
9f6fdc5e19242853318ccf433ca5288f4869fc045fde7.exe
-
Size
167KB
-
MD5
0bcb7b5e42fc664c49a25df679fd3e62
-
SHA1
c1287a05d381069a06bcf716657ce1a38d9fd95e
-
SHA256
9f6fdc5e19242853318ccf433ca5288f4869fc045fde761b931a8bc8b8ac70d7
-
SHA512
d7929e9faa699e305f1b9502d8c6bd69cf3a66729517d9c511c621479a22bde06ec3bfca542cd3dee5548c8ebf0e3454d3cab29828c6117847e9c9536cf924be
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Suspicious use of SetThreadContext
-