General
-
Target
00b298eb0d75725955d9da09e33bb625bb7415bf550abd655082f69666aa6500
-
Size
37KB
-
Sample
220520-fbnf7aadf9
-
MD5
accacc1c4c9a92e41809008b23681085
-
SHA1
2b657e8257647fe5243a1fd494196b4dd96b72eb
-
SHA256
00b298eb0d75725955d9da09e33bb625bb7415bf550abd655082f69666aa6500
-
SHA512
198544ccc224b03b0758f4eafc0fe3c4efc8ed59891b56ba81ada751723b58c7b2026022bf93e2509f564408b8e0855b14a904c3ad69fa12570b79eaf15f25ee
Behavioral task
behavioral1
Sample
00b298eb0d75725955d9da09e33bb625bb7415bf550abd655082f69666aa6500.exe
Resource
win7-20220414-en
Malware Config
Extracted
njrat
im523
HacKed
127.0.0.1:5552
267632fbed75e86ba99f14a92cc1a8d8
-
reg_key
267632fbed75e86ba99f14a92cc1a8d8
-
splitter
|'|'|
Targets
-
-
Target
00b298eb0d75725955d9da09e33bb625bb7415bf550abd655082f69666aa6500
-
Size
37KB
-
MD5
accacc1c4c9a92e41809008b23681085
-
SHA1
2b657e8257647fe5243a1fd494196b4dd96b72eb
-
SHA256
00b298eb0d75725955d9da09e33bb625bb7415bf550abd655082f69666aa6500
-
SHA512
198544ccc224b03b0758f4eafc0fe3c4efc8ed59891b56ba81ada751723b58c7b2026022bf93e2509f564408b8e0855b14a904c3ad69fa12570b79eaf15f25ee
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-