General
-
Target
8f5f1f7e22a920eda275f0983d379985ba6b921112308daf60b15b1d0cb04404
-
Size
31KB
-
Sample
220520-2pzbhaagfk
-
MD5
9e41cd107fb4c1b437246ef8b5fe64ec
-
SHA1
b5132e4c08c5c038b732a438862eb9c00f437f34
-
SHA256
8f5f1f7e22a920eda275f0983d379985ba6b921112308daf60b15b1d0cb04404
-
SHA512
cbb7066396db083179d8adfa668ba49882b8d6272dd6deb5f6b73b30e873b9083bdd2535a76a66edfdc36161526e48ff5e95afd0eb1980db0512c1165fc2748c
Behavioral task
behavioral1
Sample
8f5f1f7e22a920eda275f0983d379985ba6b921112308daf60b15b1d0cb04404.exe
Resource
win7-20220414-en
Malware Config
Extracted
njrat
0.7d
MyBot
192.168.157.1:80
a5f0657b4c860308399dc7b1f71c2ea3
-
reg_key
a5f0657b4c860308399dc7b1f71c2ea3
-
splitter
Y262SUCZ4UJJ
Targets
-
-
Target
8f5f1f7e22a920eda275f0983d379985ba6b921112308daf60b15b1d0cb04404
-
Size
31KB
-
MD5
9e41cd107fb4c1b437246ef8b5fe64ec
-
SHA1
b5132e4c08c5c038b732a438862eb9c00f437f34
-
SHA256
8f5f1f7e22a920eda275f0983d379985ba6b921112308daf60b15b1d0cb04404
-
SHA512
cbb7066396db083179d8adfa668ba49882b8d6272dd6deb5f6b73b30e873b9083bdd2535a76a66edfdc36161526e48ff5e95afd0eb1980db0512c1165fc2748c
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-