General
Target: df841db0f1f8f968ec6fc8c0d8bbd618bbacdcd7bf8146ad0267371884071576
Size: 13KB
Sample: 210916-kn35mafdep
MD5: 354b2d0793453d6be6e92cb740f170e4
SHA1: 9061310c8d87029de3088a95f22c28614d1c916f
SHA256: df841db0f1f8f968ec6fc8c0d8bbd618bbacdcd7bf8146ad0267371884071576
SHA512: dd74a5ff1a704104313b71ee83710896eff4e3d38ced07c68593025eae1ed13da6b44cbc635b9dbee384dd22ae7d18d16f89371b79466b33645fe3cadf27ed35
Static task: static1
Behavioral task: behavioral1
Sample: df841db0f1f8f968ec6fc8c0d8bbd618bbacdcd7bf8146ad0267371884071576.exe
Resource: win7-en
Behavioral task: behavioral2
Sample: df841db0f1f8f968ec6fc8c0d8bbd618bbacdcd7bf8146ad0267371884071576.exe
Resource: win10v20210408
Malware Config
Extracted
njrat
0.7NC
NYAN CAT
107.167.244.67:18971
4a178b198a1a4260aad
reg_key: 4a178b198a1a4260aad
splitter: @!#&^%$
Targets
Target: df841db0f1f8f968ec6fc8c0d8bbd618bbacdcd7bf8146ad0267371884071576
Score: 10/10
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
Downloads MZ/PE file
Adds Run key to start application
Suspicious use of SetThreadContext