General
Target: 578be22ecfe0f4d1535ffbd827276d4ef93e93c6ac9bd33f55febdd72dbc9b93
Size: 22KB
Sample: 210906-hj84zadgek
MD5: 40a1f466f31cc1ef46edd731199024e9
SHA1: 2240782749be39ff160beda6a07187257736a863
SHA256: 578be22ecfe0f4d1535ffbd827276d4ef93e93c6ac9bd33f55febdd72dbc9b93
SHA512: 025eba410df39c8789d7120f6f00966f301c2d2a2348530b4a36677424cd4d7e5651c65628c6ffca14e9b1a8f349de9da93215705823ed84730e39503774d17a
Behavioral task: behavioral1
Sample: 578be22ecfe0f4d1535ffbd827276d4ef93e93c6ac9bd33f55febdd72dbc9b93.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: 578be22ecfe0f4d1535ffbd827276d4ef93e93c6ac9bd33f55febdd72dbc9b93.exe
Resource: win10-en
Malware Config
Extracted
njrat
0.7d
HacKed
ttaahhaa4321.ddns.net:1177
064a642c9a7c8d589d5c1f13c59a2c38
reg_key: 064a642c9a7c8d589d5c1f13c59a2c38
splitter: |'|'|
Targets
Score: 10/10
Executes dropped EXE
Modifies Windows Firewall
Loads dropped DLL
Adds Run key to start application