General
Target: 54b32c5ed0ace52388b5e7b43704e6b3c8d5b02133c6f96c9e1b537125bee0f3
Size: 1009KB
Sample: 210906-he9jyaaef7
MD5: 002d46f884f1cac49f4ab9c9960b1d84
SHA1: 82dc55eecb2de7485a7b9c367d094c909e2f460f
SHA256: 54b32c5ed0ace52388b5e7b43704e6b3c8d5b02133c6f96c9e1b537125bee0f3
SHA512: 8b44f54475d0248cbe259184add0b0000fdcd45bce34e9b1a7857cd2577c141d828687f00f1dbb87610c3cb396e96a832c41fc15695fd0431c104facb7fba8e9
Static task: static1
Behavioral task: behavioral1
Sample: 54b32c5ed0ace52388b5e7b43704e6b3c8d5b02133c6f96c9e1b537125bee0f3.exe
Resource: win7-en
Malware Config
Extracted
njrat
0.7.3
Limebot3
microsoftdnsbug.duckdns.org:6699
Client.exe
reg_key: Client.exe
splitter: luffy
Targets
Executes dropped EXE
Suspicious use of SetThreadContext
autoit_exe: AutoIT scripts compiled to PE executables.