General
-
Target
678c6d8585a6f5b73f1fb953852d72b18af35da4566248098ff1f13384977167
-
Size
151KB
-
Sample
220520-hy9daaabhl
-
MD5
de60ed7b81a44cc3f849f7d9cc1bc012
-
SHA1
116f0f25f3bccfaf3aeedd410c82aca5ff707a51
-
SHA256
678c6d8585a6f5b73f1fb953852d72b18af35da4566248098ff1f13384977167
-
SHA512
66ef7f125012a489e70e83e99d99a688df2b7c698447264fa8aca4b1e6b3b3bc35f62d09e4b48e75e7e27511f29db491cc7a0c44d5067a517a8878f5567de1fe
Static task
static1
Behavioral task
behavioral1
Sample
678c6d8585a6f5b73f1fb953852d72b18af35da4566248098ff1f13384977167.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
678c6d8585a6f5b73f1fb953852d72b18af35da4566248098ff1f13384977167.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
njrat
0.7d
HacKed
194.5.98.252:4040
33f7a57b89a02bde4760bf8635bffaec
-
reg_key
33f7a57b89a02bde4760bf8635bffaec
-
splitter
|'|'|
Targets
-
-
Target
678c6d8585a6f5b73f1fb953852d72b18af35da4566248098ff1f13384977167
Score
10/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-