General
-
Target
CEB4D88A90FF332D4EA6DA16ABAF1E04B6296D8618C1F.exe
-
Size
170KB
-
Sample
210909-jfabxaahgr
-
MD5
75b89ea1408de6fdd7429944f8fdbb5e
-
SHA1
1250d433355aa6d7ce189ea5fe4a9d08df179f18
-
SHA256
ceb4d88a90ff332d4ea6da16abaf1e04b6296d8618c1f280696acb57cb7bbc68
-
SHA512
8682bab985ae84c3482328b5e9cb8a60c902e432a9e1ebb58fafd70e31ed0d01303f3dc64c3b6b2b6a8cdce7c9876d18fff133f75844582650177f6be809bf45
Static task
static1
Behavioral task
behavioral1
Sample
CEB4D88A90FF332D4EA6DA16ABAF1E04B6296D8618C1F.exe
Resource
win7-en
Malware Config
Extracted
njrat
0.7.3
CUCUTAA
noviembre1.duckdns.org:3030
Client.exe
-
reg_key
Client.exe
-
splitter
lolo
Targets
-
-
Target
CEB4D88A90FF332D4EA6DA16ABAF1E04B6296D8618C1F.exe
-
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
-
Suspicious use of SetThreadContext
-