General
-
Target
a05ba3307eab357dec2c3647d079ab6c988c998e6dd065992aa8b677d9a30200
-
Size
450KB
-
Sample
220520-1lcsnaeae2
-
MD5
09ce5265625b19b7da8de9cd3516caa2
-
SHA1
f7a3ce800949de5eed57cd5d0787a5d8b179ee1f
-
SHA256
a05ba3307eab357dec2c3647d079ab6c988c998e6dd065992aa8b677d9a30200
-
SHA512
636a4cdda8a6599d50f138440a5277e9f2ad6b3b501d4774f96e6763cf50e67decdeee650d97e6534bb4138885a2455a60079f6974f943a34b766fce8f6d2550
Static task
static1
Behavioral task
behavioral1
Sample
a05ba3307eab357dec2c3647d079ab6c988c998e6dd065992aa8b677d9a30200.exe
Resource
win7-20220414-en
Malware Config
Extracted
njrat
Njrat 0.7 Golden By Hassan Amiri
HacK
93.181.219.38:5552
Windows Update
-
reg_key
Windows Update
-
splitter
|Hassan|
Targets
-
-
Target
a05ba3307eab357dec2c3647d079ab6c988c998e6dd065992aa8b677d9a30200
-
Size
450KB
-
MD5
09ce5265625b19b7da8de9cd3516caa2
-
SHA1
f7a3ce800949de5eed57cd5d0787a5d8b179ee1f
-
SHA256
a05ba3307eab357dec2c3647d079ab6c988c998e6dd065992aa8b677d9a30200
-
SHA512
636a4cdda8a6599d50f138440a5277e9f2ad6b3b501d4774f96e6763cf50e67decdeee650d97e6534bb4138885a2455a60079f6974f943a34b766fce8f6d2550
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-