General
-
Target
AWB#630532456685.vbs
-
Size
703KB
-
Sample
211101-lh8nlahdd7
-
MD5
ee5187d49e6691c383c02f1d3a92f60c
-
SHA1
8b35c07251b1b6bd9b5f0769a209db31cea406fc
-
SHA256
cba3e50fbc511a95a710d40aa37f9a3b905f7a1cd6b3d46bdcde8e6bfa083ca6
-
SHA512
c2279d022bb55dbe0fdc5d8a88999017abd91528999a89a86a47452954d9afe6115b34feaf093aa01a40641b83d1af92ea0a5b0925b5abc5d886d6d0467faf64
Static task
static1
Behavioral task
behavioral1
Sample
AWB#630532456685.vbs
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
AWB#630532456685.vbs
Resource
win10-en-20210920
Malware Config
Extracted
njrat
v2.0
------(MEILLLER)------
new.libya2020.com.ly:2020
Windows
-
reg_key
Windows
-
splitter
|-F-|
Targets
-
-
Target
AWB#630532456685.vbs
-
Size
703KB
-
MD5
ee5187d49e6691c383c02f1d3a92f60c
-
SHA1
8b35c07251b1b6bd9b5f0769a209db31cea406fc
-
SHA256
cba3e50fbc511a95a710d40aa37f9a3b905f7a1cd6b3d46bdcde8e6bfa083ca6
-
SHA512
c2279d022bb55dbe0fdc5d8a88999017abd91528999a89a86a47452954d9afe6115b34feaf093aa01a40641b83d1af92ea0a5b0925b5abc5d886d6d0467faf64
Score10/10-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-