General
-
Target
13fad25d5b28e40800b274126f0156fd556053dfd5da26372332d1d423ad513a
-
Size
43KB
-
Sample
220520-fanqkaadb7
-
MD5
ee5027ce7b50ae0ca2f47fb53c4fd3fc
-
SHA1
7712a2b7763a90efb6666c5f9b59f662107f6b9a
-
SHA256
13fad25d5b28e40800b274126f0156fd556053dfd5da26372332d1d423ad513a
-
SHA512
62c504561a9c3faef0b85918601366c695306c8f0573209af63d4839f9d5dc9849d7db5f30008302f52b99ad6d823f566347d1fd4e6a6beb667c172d3e9a8614
Behavioral task
behavioral1
Sample
13fad25d5b28e40800b274126f0156fd556053dfd5da26372332d1d423ad513a.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
13fad25d5b28e40800b274126f0156fd556053dfd5da26372332d1d423ad513a.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
njrat
Njrat 0.7 Golden By Hassan Amiri
HacKed
0.tcp.ngrok.io:18438
Windows Update
-
reg_key
Windows Update
-
splitter
|Hassan|
Targets
Target
13fad25d5b28e40800b274126f0156fd556053dfd5da26372332d1d423ad513a
Score
10/10
-
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
-
Executes dropped EXE
-
Drops startup file
-
Adds Run key to start application
-