General
-
Target
d173b9844be24a9172f2f2adcde3dd65090afa690b1bd.exe
-
Size
4KB
-
Sample
211105-n6weaabfd3
-
MD5
b9a1c7dd8171afe0e3fc1524f5eafb18
-
SHA1
19b79357841b2bcb3438011f4c8e45f7278aeaa9
-
SHA256
d173b9844be24a9172f2f2adcde3dd65090afa690b1bd952a7da01de33ad60ef
-
SHA512
d57c9cf4a489dec1f8b17351173e1ffc202e454f214b85e132fbd5d8af2d4a611e50e1a7f85eb0dfce438539aaec3b143d1fafafbaa0def914f6401c5993da6d
Static task
static1
Behavioral task
behavioral1
Sample
d173b9844be24a9172f2f2adcde3dd65090afa690b1bd.exe
Resource
win7-en-20211014
Malware Config
Extracted
njrat
0.7NC
NYAN CAT
redlan.linkpc.net:5553
3b407dd04ed042
-
reg_key
3b407dd04ed042
-
splitter
@!#&^%$
Targets
-
-
Target
d173b9844be24a9172f2f2adcde3dd65090afa690b1bd.exe
-
Size
4KB
-
MD5
b9a1c7dd8171afe0e3fc1524f5eafb18
-
SHA1
19b79357841b2bcb3438011f4c8e45f7278aeaa9
-
SHA256
d173b9844be24a9172f2f2adcde3dd65090afa690b1bd952a7da01de33ad60ef
-
SHA512
d57c9cf4a489dec1f8b17351173e1ffc202e454f214b85e132fbd5d8af2d4a611e50e1a7f85eb0dfce438539aaec3b143d1fafafbaa0def914f6401c5993da6d
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-