General
Target: Payload.bin
Size: 27KB
Sample: 210919-2fqyrsfbgj
MD5: c33318247f0f443ed1a25af2f9b76cf0
SHA1: 30388f9d86200fec836bd2995f87a66c06cf3d9e
SHA256: c20aa2c35db0a9c2f811241e8ed3e959c5f297c41f11f9ea4d59def9c3219a81
SHA512: 6e5562964b36083bf5f5496262fb39b16a78c903e2729f2c982d5906482c33cc5725d14e00998de489f66b69e73c21af15fbc125297ca37cead472e8138b4557
Behavioral task
behavioral1
Sample: Payload.bin.exe
Resource: win7-en-20210916
Behavioral task
behavioral2
Sample: Payload.bin.exe
Resource: win10v20210408
Malware Config
Extracted
njrat
v2.0
HacKed
efficient-oil.auto.playit.gg:55457
Windows
reg_key: Windows
splitter: |-F-|
Targets
Score: 10/10
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
Executes dropped EXE
Drops startup file
Loads dropped DLL
Adds Run key to start application