General
-
Target
DE3D6958F101E3B252F18168F240480D.exe
-
Size
819KB
-
Sample
210911-vlb88sbef6
-
MD5
de3d6958f101e3b252f18168f240480d
-
SHA1
4a2ff6b9018df0b31db61ce4f5a6d844c05dc3ce
-
SHA256
1e73294675f42df94d101ece8c550fcfa2746ae6f8bf3261e16d315c5d8de832
-
SHA512
ca26091630e7509e79b386cbc1024446d51bc1ff0763b14aa1e8d03b0ec815d2484beccc905d1694db87a5b1dc8a8e95971c25dd5cd51abe9cbd000aea13f1f7
Static task
static1
Behavioral task
behavioral1
Sample
DE3D6958F101E3B252F18168F240480D.exe
Resource
win7v20210408
Malware Config
Extracted
njrat
0.7NC
NYAN CAT
alice2019.myftp.biz:5552
28ac71370f2e4
-
reg_key
28ac71370f2e4
-
splitter
@!#&^%$
Targets
-
-
Target
DE3D6958F101E3B252F18168F240480D.exe
-
Size
819KB
-
MD5
de3d6958f101e3b252f18168f240480d
-
SHA1
4a2ff6b9018df0b31db61ce4f5a6d844c05dc3ce
-
SHA256
1e73294675f42df94d101ece8c550fcfa2746ae6f8bf3261e16d315c5d8de832
-
SHA512
ca26091630e7509e79b386cbc1024446d51bc1ff0763b14aa1e8d03b0ec815d2484beccc905d1694db87a5b1dc8a8e95971c25dd5cd51abe9cbd000aea13f1f7
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-