General
-
Target
44dba82c2ae65a2332940d741520d3db.exe
-
Size
93KB
-
Sample
211213-vbn52sfacj
-
MD5
44dba82c2ae65a2332940d741520d3db
-
SHA1
46dd600540cde151d9edf92ceb796f12c0682680
-
SHA256
56e6f2114ddf4a7e78eba500bf66bddccdb2ce051e9ccefd238cef54d11d3c0a
-
SHA512
e0d94dde04d2fd9edf6df96df02724ccfa2987f227da5ce64b9135dbfad7a1a756e7e806b7565fa6210d2b5834c94ae49bd4a7ff95a760fbd80c702b44fd0146
Behavioral task
behavioral1
Sample
44dba82c2ae65a2332940d741520d3db.exe
Resource
win7-en-20211208
Malware Config
Extracted
njrat
0.7d
HacKed
OTUuFRANSESCOjEzLjIxNy4yNDFRANSESCOStrik:NDMyMQ==
59ec108247976b115e6f863e4a5f1b18
-
reg_key
59ec108247976b115e6f863e4a5f1b18
-
splitter
|'|'|
Targets
-
Disables Task Manager via registry modification
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Drops startup file
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-