General
Target: 97068a4238e0c80d004ecc1cc654c54ec37f46d553dfc1f2a036cf554d832ac7
Size: 19.2MB
Sample: 220324-2gbkgacack
MD5: 52a0cd270cdec3c8e884b2c26d93da60
SHA1: 00b2d7cf85a7905fa6905b693cc5940bc12464ed
SHA256: 97068a4238e0c80d004ecc1cc654c54ec37f46d553dfc1f2a036cf554d832ac7
SHA512: c74169ee90682378296ffa2649da3a065295f13390de5bacf643ddc0a1449e8cbe5168451587a27c323260cb7943332cad2075427664faf72ea0a89e508aa0ee
Static task: static1
Behavioral task: behavioral1
Sample: 97068a4238e0c80d004ecc1cc654c54ec37f46d553dfc1f2a036cf554d832ac7.exe
Resource: win7-20220311-en
Behavioral task: behavioral2
Sample: 97068a4238e0c80d004ecc1cc654c54ec37f46d553dfc1f2a036cf554d832ac7.exe
Resource: win10v2004-en-20220113
Malware Config
Extracted
njrat
Hacked By HiDDen PerSOn
f61357b8b080724a5c9d83bf17ac5a23
-
reg_key
f61357b8b080724a5c9d83bf17ac5a23
Targets
Target
97068a4238e0c80d004ecc1cc654c54ec37f46d553dfc1f2a036cf554d832ac7
- Executes dropped EXE
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application