General
Target: 93FE344BD0960DFBFCE8FD9C20127D1C75EC414E7A72B.exe
Size: 23KB
Sample: 210915-xvxmmsebhj
MD5: 37799e802b833bad50ef3267e495059c
SHA1: 6df1d946f3c0f81e0029546f15fa49b34c6af587
SHA256: 93fe344bd0960dfbfce8fd9c20127d1c75ec414e7a72b2e41fac998c7594327b
SHA512: 95d5bb9968e7631052cc7ded5b7b9117b406ef05f25b85ca24e0e66176d44a201a462c6458d7f579b2f31bcfd8db0f1895b1d972ca589919ff942ad4b9c35bfa
Behavioral task
behavioral1
Sample: 93FE344BD0960DFBFCE8FD9C20127D1C75EC414E7A72B.exe
Resource: win7-en
Malware Config
Extracted
njrat
0.7d
Windows
dr-mesho.ddns.net:5552
999006ebf1e2e9a7848a18a5a49cb936
reg_key: 999006ebf1e2e9a7848a18a5a49cb936
splitter: |'|'|
Targets
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
Executes dropped EXE
Modifies Windows Firewall
Loads dropped DLL
Adds Run key to start application