General
Target: dd5f2accefc6c6e3f0ffaa939e7466b0.exe
Size: 93KB
Sample: 211224-wqa3eadgeq
MD5: dd5f2accefc6c6e3f0ffaa939e7466b0
SHA1: 9acf53d5bf720e9bd7ebd2222d9c367be68eb6c4
SHA256: 01a7fccd0aa64adcaa13e7109f8c969cabefcba820efaafbd75c6cd28490fe64
SHA512: e64d7c39b806d7a0bfa1065b50320f227e632f74b69f084f4f721f15f06dffb07e6f7addc5bed574359419922b06915b33b9834ed391b5f6baffd30ded7fa02e
Behavioral task: behavioral1
Sample: dd5f2accefc6c6e3f0ffaa939e7466b0.exe
Resource: win7-en-20211208
Malware Config
Extracted
njrat
0.7d
HacKed
aXZpendpei5kZG5zLm5ldAStrikStrik:MTEyMg==
2fc48b1a11b49734cf2eee30891a9de9
reg_key: 2fc48b1a11b49734cf2eee30891a9de9
splitter: |'|'|
Targets
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
Executes dropped EXE
Modifies Windows Firewall
Drops startup file
Loads dropped DLL
Drops file in System32 directory