General
Target: Scanned1009.exe
Size: 516KB
Sample: 211211-d9cq8safb2
MD5: 13dbdf1e060c9dbf33ac71c251658abf
SHA1: 5af228c14aff5ba52936fb5fab0980892374eef4
SHA256: f7eb71b62589cc3b7c22d3731ce09e2d9165e1e5d721c56da0f2f2e8362af339
SHA512: 0b9b47f9eb55c55b401816d834818d1e42c45d83f042992c92c652cf349cad8d9def4605816b24ffd915427fc734266c072af2a349d89a20a68fdc66ff1a6e86
Static task: static1
Behavioral task: behavioral1
Sample: Scanned1009.exe
Resource: win7-en-20211208
Malware Config
Extracted
njrat
v2.0
HacKed
dccgroup.duckdns.org:5419
Windows
reg_key: Windows
splitter: |-F-|
Targets
Target: Scanned1009.exe
Executes dropped EXE
Drops startup file
Suspicious use of SetThreadContext