General
-
Target
d898aa22108a5f9bd80b540d600c071aae8ea193c47bd218aec801d1dd29d998
-
Size
29KB
-
Sample
220520-ftx4caeaep
-
MD5
39beed27bc3bb6b6bc722be86214dc08
-
SHA1
d01e73a1830e0f110ac2537b88eb6744917e0bcb
-
SHA256
d898aa22108a5f9bd80b540d600c071aae8ea193c47bd218aec801d1dd29d998
-
SHA512
1e2010f7c7ce5bb006c32ebef49392614f6a2c3ff072729db64376c04e396e8dfa7ce89b2072f375d536f098c19fa5a5b26e1812fcbffae809c5b0b50eb8136b
Behavioral task
behavioral1
Sample
d898aa22108a5f9bd80b540d600c071aae8ea193c47bd218aec801d1dd29d998.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
d898aa22108a5f9bd80b540d600c071aae8ea193c47bd218aec801d1dd29d998.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
njrat
0.6.4
HacKed
viki777.zapto.org:2323
908c677e5c323e98e6d8f1be8c979de0
-
reg_key
908c677e5c323e98e6d8f1be8c979de0
-
splitter
|'|'|
Targets
-
-
Target
d898aa22108a5f9bd80b540d600c071aae8ea193c47bd218aec801d1dd29d998
Score
10/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-