General
-
Target
5320400539E21BE4EEE7C8ADC75F045B957D5696007AD.exe
-
Size
37KB
-
Sample
211118-l175sacchj
-
MD5
cd1ba87e58f7a1c7dbd1dfc3c9b027a2
-
SHA1
c05f65395e32da15608b008ea9d6f1feff90d3e5
-
SHA256
5320400539e21be4eee7c8adc75f045b957d5696007adb23c0f390bcfdfea9cc
-
SHA512
d079c4870e8c3a0829ab8e6d5f261e231179041390ef4a93d9faffe4450b9ea22338cdbd9a8c57672b40fe25c517baf9e3978f4661261748447b2b865565d035
Static task
static1
Behavioral task
behavioral1
Sample
5320400539E21BE4EEE7C8ADC75F045B957D5696007AD.exe
Resource
win7-en-20211104
Malware Config
Extracted
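Family: njrat
Version: im523
xxxxxxxxx.exe (field label lost in extraction; possibly the botnet/campaign ID)
C2: 4.tcp.ngrok.io:16415 (ngrok TCP tunnel endpoint: the host is shared by unrelated ngrok users and the port is assigned per tunnel, so match on host and port together and treat the indicator as time-bound)
2610bdfa4fe0f690b7929cc2b550f15c (field label lost in extraction; same value as reg_key below)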
-
reg_key
2610bdfa4fe0f690b7929cc2b550f15c
-
splitter
|'|'|
Targets
-
-
Target
5320400539E21BE4EEE7C8ADC75F045B957D5696007AD.exe
-
Size
37KB
-
MD5
cd1ba87e58f7a1c7dbd1dfc3c9b027a2
-
SHA1
c05f65395e32da15608b008ea9d6f1feff90d3e5
-
SHA256
5320400539e21be4eee7c8adc75f045b957d5696007adb23c0f390bcfdfea9cc
-
SHA512
d079c4870e8c3a0829ab8e6d5f261e231179041390ef4a93d9faffe4450b9ea22338cdbd9a8c57672b40fe25c517baf9e3978f4661261748447b2b865565d035
-
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
-
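Modifies Windows Firewall (defense evasion; maps to MITRE ATT&CK T1562.004, Impair Defenses: Disable or Modify System Firewall)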
-