General
-
Target
b89b5e517e7df0a38513dd9678dcf8b6.exe
-
Size
31KB
-
Sample
220106-s5cyrsbdb7
-
MD5
b89b5e517e7df0a38513dd9678dcf8b6
-
SHA1
9a8a96035480e095f119357052b9a74714799ee7
-
SHA256
061d0bf70bd333159f63aa7bf4f05d51c6056e634df5fc2368f376b54585b530
-
SHA512
8163409b04fa98e4aa642deee92bbe589a2835e96ebce6c29faacda9deba815786143e224782ed9c8d90b20784fdf9535242c6e840c8e85bdb841b55679cb5b5
Static task
static1
Behavioral task
behavioral1
Sample
b89b5e517e7df0a38513dd9678dcf8b6.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
b89b5e517e7df0a38513dd9678dcf8b6.exe
Resource
win10-en-20211208
Malware Config
Extracted
njrat
0.7d
Scammer or Retard
3.tcp.eu.ngrok.io:20488
bc0a855433cc362854ed34ff96dd565f
-
reg_key
bc0a855433cc362854ed34ff96dd565f
-
splitter
Y262SUCZ4UJJ
Targets
-
-
Target
b89b5e517e7df0a38513dd9678dcf8b6.exe
-
Size
31KB
-
MD5
b89b5e517e7df0a38513dd9678dcf8b6
-
SHA1
9a8a96035480e095f119357052b9a74714799ee7
-
SHA256
061d0bf70bd333159f63aa7bf4f05d51c6056e634df5fc2368f376b54585b530
-
SHA512
8163409b04fa98e4aa642deee92bbe589a2835e96ebce6c29faacda9deba815786143e224782ed9c8d90b20784fdf9535242c6e840c8e85bdb841b55679cb5b5
Score10/10-
Modifies Windows Firewall
-
Adds Run key to start application
-