General
-
Target
b3b6165383cd36c4384b63335c8405dbee8dd322815654ca40a9e446739a3d78
-
Size
43KB
-
Sample
220520-2llw1aafbl
-
MD5
3e89b7f7efb7198e47a7d9fc3a6dc566
-
SHA1
6e231218efac0fecceb9537a3377baf867bfe7c6
-
SHA256
b3b6165383cd36c4384b63335c8405dbee8dd322815654ca40a9e446739a3d78
-
SHA512
156c104b8cd3eb3a0c2045aa8be784aa227a7430e8523cd14897e0b3f4eb7bc4aa61c0daed7abda66219db078818ccdb35421ab83cbc4aee5e23cf84286bb93f
Behavioral task
behavioral1
Sample
b3b6165383cd36c4384b63335c8405dbee8dd322815654ca40a9e446739a3d78.exe
Resource
win7-20220414-en
Malware Config
Extracted
njrat
Njrat 0.7 Golden By Hassan Amiri
HacKed
192.168.1.4:7777
Windows Update
-
reg_key
Windows Update
-
splitter
|Hassan|
Targets
-
-
Target
b3b6165383cd36c4384b63335c8405dbee8dd322815654ca40a9e446739a3d78
-
Size
43KB
-
MD5
3e89b7f7efb7198e47a7d9fc3a6dc566
-
SHA1
6e231218efac0fecceb9537a3377baf867bfe7c6
-
SHA256
b3b6165383cd36c4384b63335c8405dbee8dd322815654ca40a9e446739a3d78
-
SHA512
156c104b8cd3eb3a0c2045aa8be784aa227a7430e8523cd14897e0b3f4eb7bc4aa61c0daed7abda66219db078818ccdb35421ab83cbc4aee5e23cf84286bb93f
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-