General
-
Target
00FAAF68512770431F268AA1A1A26F8C589A3F53298DB.exe
-
Size
1.0MB
-
Sample
210917-m56yysfdd9
-
MD5
9d7d796646913b03fa10b8d0770ece41
-
SHA1
bb689e893dd764b3e55d0da1ddf91de2ef38b088
-
SHA256
00faaf68512770431f268aa1a1a26f8c589a3f53298db6311fd38f263fe0d474
-
SHA512
602f2ae98c32ad044deff1edfb9bd5b1d696269880962e6912d1c06b0c809e2ceea353ce854a666fcb917eb24c1d549caa048ad6482124fef10ddb95e70655d1
Static task
static1
Behavioral task
behavioral1
Sample
00FAAF68512770431F268AA1A1A26F8C589A3F53298DB.exe
Resource
win7-en-20210916
Behavioral task
behavioral2
Sample
00FAAF68512770431F268AA1A1A26F8C589A3F53298DB.exe
Resource
win10v20210408
Malware Config
Extracted
njrat
0.7d
Hacked By Mr.Franko
frankohacker.strangled.net:5552
69bd721f047aceee1a553df23f737f3e
-
reg_key
69bd721f047aceee1a553df23f737f3e
-
splitter
|'|'|
Targets
-
-
Target
00FAAF68512770431F268AA1A1A26F8C589A3F53298DB.exe
-
Size
1.0MB
-
MD5
9d7d796646913b03fa10b8d0770ece41
-
SHA1
bb689e893dd764b3e55d0da1ddf91de2ef38b088
-
SHA256
00faaf68512770431f268aa1a1a26f8c589a3f53298db6311fd38f263fe0d474
-
SHA512
602f2ae98c32ad044deff1edfb9bd5b1d696269880962e6912d1c06b0c809e2ceea353ce854a666fcb917eb24c1d549caa048ad6482124fef10ddb95e70655d1
Score10/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-