General
Target: c7d5ea3b83db855d97ce4df784f5c7556bae16f3297ae9399f5a14d686a1dbc7.zip
Size: 176KB
Sample: 211004-hkx34agafl
MD5: 5067f2f61ac73acfc8bbe7081318c8a3
SHA1: 343852e7ebb803f5479155dbdcfdc6d620b0e9d9
SHA256: 6c83a463a188ae19a43d8fc3dec7d77b848198602e076c3baba00cba3e7cf40b
SHA512: 7e55149f7ce5f4f7401662622c3021d508782ad9e64c088692fb994c3d97c092284a7b1e42c958bbffe0a5488bc5540b3f01adaf619cb3cee2ea147dd9a4e87a
Static task: static1
Behavioral task: behavioral1
Sample: c7d5ea3b83db855d97ce4df784f5c7556bae16f3297ae9399f5a14d686a1dbc7.ps1
Resource: win7-en-20210920
Malware Config
Extracted
njrat
v4.0
Boss
103.147.184.73:7103
Windows
reg_key: Windows
splitter: |-F-|
Targets
Target: c7d5ea3b83db855d97ce4df784f5c7556bae16f3297ae9399f5a14d686a1dbc7.ps1
Size: 2.2MB
MD5: 438f192c7282265b78ea831b779a5635
SHA1: 0197c04c82a4ab39ec6a914be4b533eacfc6c3b4
SHA256: c7d5ea3b83db855d97ce4df784f5c7556bae16f3297ae9399f5a14d686a1dbc7
SHA512: 7009dd62daf3c710766323fbe06bc779e2ca09d741bd84980a8b31ff30c7fdd9d05d9280730df633618c4e79c9ad44c57b81ade62283e91da669061afdebb6d5
Drops startup file
Suspicious use of SetThreadContext