General
-
Target
BBEE2132C158E1F3CA52FECFC2E0F3AF061336E7DCE9A.exe
-
Size
93KB
-
Sample
210909-abgezsfcc7
-
MD5
2fb14f79f89503e1ef4616df1ef4139e
-
SHA1
8761ec8741c54c78f6959cf565babe76a2f321f8
-
SHA256
bbee2132c158e1f3ca52fecfc2e0f3af061336e7dce9ad7a529191bf9d92491e
-
SHA512
e9db04a686203a3370c9973ea7a22b0acc6291a864856cd6bf62a7b3a378e0223b49cde30c247d4392c4cee267aaf2ca5026cfbc49042722a8f77c52454763a6
Behavioral task
behavioral1
Sample
BBEE2132C158E1F3CA52FECFC2E0F3AF061336E7DCE9A.exe
Resource
win7-en
Behavioral task
behavioral2
Sample
BBEE2132C158E1F3CA52FECFC2E0F3AF061336E7DCE9A.exe
Resource
win10v20210408
Malware Config
Extracted
njrat
0.7d
rtf
FRANSESCOi50Y3Aubmdyb2suaW8Strik:MTQyMTQ=
15c39336b5e94359958b4f902fa64012
-
reg_key
15c39336b5e94359958b4f902fa64012
-
splitter
|'|'|
Targets
-
-
Target
BBEE2132C158E1F3CA52FECFC2E0F3AF061336E7DCE9A.exe
-
Size
93KB
-
MD5
2fb14f79f89503e1ef4616df1ef4139e
-
SHA1
8761ec8741c54c78f6959cf565babe76a2f321f8
-
SHA256
bbee2132c158e1f3ca52fecfc2e0f3af061336e7dce9ad7a529191bf9d92491e
-
SHA512
e9db04a686203a3370c9973ea7a22b0acc6291a864856cd6bf62a7b3a378e0223b49cde30c247d4392c4cee267aaf2ca5026cfbc49042722a8f77c52454763a6
Score8/10-
Disables Task Manager via registry modification
-
Modifies Windows Firewall
-
Drops startup file
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-