General
-
Target
Aviso_importante_para_dar_mejor_aclaración_del_cobro_jurídico_ver.vbs
-
Size
151KB
-
Sample
220104-v6911ahffk
-
MD5
375043101c2b371e5db90b0abdb0379d
-
SHA1
8ca125b715a2f166ae8d24c87264f9beb4ddda6b
-
SHA256
fffd645e0ed3e653627764842ea17cb464bae80ef48ddb3dbe54d1eddf6b1bb9
-
SHA512
582ad71b82c9fd666a5c26738264aded5d226e1a2417f30e55f4b258c3c111caf18b15dcf9d0ffb48c1fa96a996a845cd9e64357925b0f29939252085d6ff416
Static task
static1
Behavioral task
behavioral1
Sample
Aviso_importante_para_dar_mejor_aclaración_del_cobro_jurídico_ver.vbs
Resource
win7-en-20211208
Malware Config
Extracted
http://91.241.19.49/ramdes/DownloaderF3.txt
Extracted
njrat
0.7NC
NYAN CAT
revg.duckdns.org:57831
ebef4abe57d24e8
-
reg_key
ebef4abe57d24e8
-
splitter
@!#&^%$
Targets
-
Target
Aviso_importante_para_dar_mejor_aclaración_del_cobro_jurídico_ver.vbs
-
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
-
Blocklisted process makes network request
-
Drops startup file
-
Suspicious use of SetThreadContext
-