General
Target: dc52cb3d58087c26b2c4ccc95ec2a50df8b2ada10d368251b836b033f36eb0e3
Size: 454KB
Sample: 220121-22d64acbd4
MD5: 724c9322da3b1c5f7994a466fbb6dc09
SHA1: d993e3da6da34581ba6d3ca18d33356767cbecf7
SHA256: dc52cb3d58087c26b2c4ccc95ec2a50df8b2ada10d368251b836b033f36eb0e3
SHA512: 7d2ae83d9ad9ae790ee9c7b2fb1b35456b27c0e79e0fb313ad58aa342a2bd058b6b7337aa354b4b7462081ef73cbddc982a1be503aff135e4f3a1b6c9f808a7f
Static task: static1
Behavioral task: behavioral1
Sample: dc52cb3d58087c26b2c4ccc95ec2a50df8b2ada10d368251b836b033f36eb0e3.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: dc52cb3d58087c26b2c4ccc95ec2a50df8b2ada10d368251b836b033f36eb0e3.exe
Resource: win10-en-20211208
Malware Config
Extracted
njrat
0.7.3
ESTACIÓN TERPEL
estacion373.duckdns.org:1990
Client.exe
reg_key: Client.exe
splitter: 1990
Targets
Score: 10/10
Adds Run key to start application
Suspicious use of SetThreadContext