General
-
Target
3de70e8b308469f55fafddb2e107d3ae908005e1445eb5d1b09a7ff690f62c67
-
Size
136KB
-
Sample
210930-pseeaahga5
-
MD5
359a08045b66fe5f71fde43f9a6db01b
-
SHA1
4580e9f5becff35c4c4e773931d18f2df166d9fc
-
SHA256
3de70e8b308469f55fafddb2e107d3ae908005e1445eb5d1b09a7ff690f62c67
-
SHA512
81b120f81da9b442cb008093b54893d44dad911caffc1008c7de792e1420e1bedc15deb616f745e807410f47db3c049a316a77ffe42bef6959359f39af841683
Static task
static1
Behavioral task
behavioral1
Sample
3de70e8b308469f55fafddb2e107d3ae908005e1445eb5d1b09a7ff690f62c67.exe
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
3de70e8b308469f55fafddb2e107d3ae908005e1445eb5d1b09a7ff690f62c67.exe
Resource
win10v20210408
Malware Config
Extracted
njrat
0.7d
HacKed
127.0.0.1:5552
279f6960ed84a752570aca7fb2dc1552
-
reg_key
279f6960ed84a752570aca7fb2dc1552
-
splitter
|'|'|
Targets
Score
10/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-