General
-
Target
834e38185fb19b1adf58cc82aaf73e1e.exe
-
Size
399KB
-
Sample
211025-jcdvxsfgd5
-
MD5
834e38185fb19b1adf58cc82aaf73e1e
-
SHA1
2a3bca9b936093f82a1be92737012e683a863a6a
-
SHA256
8a2e1a0ade05db6ef7fdc307b058119e7d84c26b7a75495a4348e310d67f15e7
-
SHA512
4fe755a20fcbf6ac5c1f4993489a9c00306908f4497d11d1d260aad6bf26dbb7cd7b86e14d0d15f2546267df8cd19b2765405a1ee446d8bd316aa11201f1e7c9
Static task
static1
Behavioral task
behavioral1
Sample
834e38185fb19b1adf58cc82aaf73e1e.exe
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
834e38185fb19b1adf58cc82aaf73e1e.exe
Resource
win10-en-20211014
Malware Config
Extracted
njrat
v2.0
------(Send)------
new.libya2020.com.ly:2020
Windows
-
reg_key
Windows
-
splitter
|-F-|
Targets
-
-
Target
834e38185fb19b1adf58cc82aaf73e1e.exe
-
Size
399KB
-
MD5
834e38185fb19b1adf58cc82aaf73e1e
-
SHA1
2a3bca9b936093f82a1be92737012e683a863a6a
-
SHA256
8a2e1a0ade05db6ef7fdc307b058119e7d84c26b7a75495a4348e310d67f15e7
-
SHA512
4fe755a20fcbf6ac5c1f4993489a9c00306908f4497d11d1d260aad6bf26dbb7cd7b86e14d0d15f2546267df8cd19b2765405a1ee446d8bd316aa11201f1e7c9
Score10/10-
Drops startup file
-
Suspicious use of SetThreadContext
-