General
Target: 2c6fae2182c59ef4cee6b63e29cf7fa66990e40ad5c22b6a469d3c935766202c
Size: 662KB
Sample: 211118-bhgj1aedg3
MD5: 51b5e9e7d1d63c1acd6df20dda31004a
SHA1: 2a935b93c9135bb4d0d849c8219c453075bcdf47
SHA256: 2c6fae2182c59ef4cee6b63e29cf7fa66990e40ad5c22b6a469d3c935766202c
SHA512: f91f54e994b898e96743ece7f61613301d78e398361d10bbd25c0b59e59bd75fe6a438adc8ce4ce20031fa2202d4c7a5239bbbf105aba8619b43717950b6a202
Static task: static1
Behavioral task: behavioral1
Sample: 2c6fae2182c59ef4cee6b63e29cf7fa66990e40ad5c22b6a469d3c935766202c.exe
Resource: win10-en-20211104
Malware Config
Extracted
njrat
0.7d
HacKed
107.155.132.152:5552
2b9f14c7f031fd1035abf9fa94c773ba
reg_key: 2b9f14c7f031fd1035abf9fa94c773ba
splitter: |'|'|
Targets
Target: 2c6fae2182c59ef4cee6b63e29cf7fa66990e40ad5c22b6a469d3c935766202c
Score: 10/10
Modifies Windows Firewall
Adds Run key to start application
Suspicious use of SetThreadContext