Behavioral task: behavioral1
Sample: tmp/f5bf8807-2af3-457c-b37e-6f4875499969_onedrivenwt2.exe
Resource: win7-en-20211208
windows7_x64
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: tmp/f5bf8807-2af3-457c-b37e-6f4875499969_onedrivenwt2.exe
Resource: win10-en-20211208
windows10_x64
0 signatures
0 seconds
General
Target: tmp/f5bf8807-2af3-457c-b37e-6f4875499969_onedrivenwt2.exe
Size: 20KB
MD5: 09983f8a77b8aec0f5fb58adccf88a38
SHA1: 86cbc88adeb1479259b80d8d24b005eba9b55b48
SHA256: 76b5f9aa537f6d48961c685ff3e10c6b754218198ed2700cf256fcc64f1adf9c
SHA512: 153dbbb568e1da23c8f35d6cbcf7d4747ac2fa7420832c4e98ff5ec4fb3dd20fc883ef4cd3cf9da79a3d0f8b6853a701b8f1b9ede92250dcef06477e9d7c8f78
Malware Config
Extracted
Family: njrat
Version: 0.7NC
Botnet: HEXXOERRR
C2: musicnote.soundcast.me:91
Mutex: 88169db1610442f489
Attributes
reg_key: 88169db1610442f489
splitter: @!#&^%$
Signatures
Njrat family
Files
tmp/f5bf8807-2af3-457c-b37e-6f4875499969_onedrivenwt2.exe.exe windows x86