General
-
Target
dac45e2cb36561bb596a193bcecda204897edc877d3b53d7f90afe00de985e35
-
Size
37KB
-
Sample
220520-3sg23accgl
-
MD5
d188c64010292c6bc14b39300ea1b02c
-
SHA1
9e528a712b392f06702474754b69dbc5464aa67a
-
SHA256
dac45e2cb36561bb596a193bcecda204897edc877d3b53d7f90afe00de985e35
-
SHA512
a080a35a1013e36c8606d8b9c4536bb7a4ba302999abfd36f05f3f42c97caaa8a2dbb9533ca91521255905c1fd8fbabfb2772299d3f43deefb082969030d453e
Behavioral task
behavioral1
Sample
dac45e2cb36561bb596a193bcecda204897edc877d3b53d7f90afe00de985e35.exe
Resource
win7-20220414-en
Malware Config
Extracted
njrat
im523
HacKed
127.0.0.1:5552
5a545701cd814ea07365ecbf66477e27
-
reg_key
5a545701cd814ea07365ecbf66477e27
-
splitter
|'|'|
Targets
-
-
Target
dac45e2cb36561bb596a193bcecda204897edc877d3b53d7f90afe00de985e35
-
Size
37KB
-
MD5
d188c64010292c6bc14b39300ea1b02c
-
SHA1
9e528a712b392f06702474754b69dbc5464aa67a
-
SHA256
dac45e2cb36561bb596a193bcecda204897edc877d3b53d7f90afe00de985e35
-
SHA512
a080a35a1013e36c8606d8b9c4536bb7a4ba302999abfd36f05f3f42c97caaa8a2dbb9533ca91521255905c1fd8fbabfb2772299d3f43deefb082969030d453e
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-