General
-
Target
d13fc7b3803ac2153769dd6437bfff31.exe
-
Size
31KB
-
Sample
211130-vpp99sfeem
-
MD5
d13fc7b3803ac2153769dd6437bfff31
-
SHA1
74adf3f27958c90827a0b5ee6296d8d4bbffe057
-
SHA256
99cf11a865fac03f57d85e42987e41e37ac1cbc410eaa86c18d833b08a92dba1
-
SHA512
952118791b0c357ce4b95dc27edab12248f72dbd7cc1845a44a1b5ed252894dc7fed300e1e3e7bbc9e900ab80727a5ba74b0cf0d56d8a8c3669e1ebaa32f6344
Behavioral task
behavioral1
Sample
d13fc7b3803ac2153769dd6437bfff31.exe
Resource
win7-en-20211104
Behavioral task
behavioral2
Sample
d13fc7b3803ac2153769dd6437bfff31.exe
Resource
win10-en-20211104
Malware Config
Extracted
njrat
0.7d
MyBot
8.tcp.ngrok.io:13452
7ecf8e46c8ad8c72db05262ff07a36e7
-
reg_key
7ecf8e46c8ad8c72db05262ff07a36e7
-
splitter
Y262SUCZ4UJJ
Targets
-
Target
d13fc7b3803ac2153769dd6437bfff31.exe
Score
10/10
-
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
-
Modifies Windows Firewall
-
Drops startup file
-
Adds Run key to start application
-