General
Target: 35109a7c184ca56c98de576d7eb37545b4bdf5e3297ec8b293f5c294663925f3
Size: 22KB
Sample: 220520-hzdm1aacam
MD5: 3ca22ed6e206f18c2daddf9ac5f68165
SHA1: fe3e43c18985e2f5da3cec5df75d3cb91230e21f
SHA256: 35109a7c184ca56c98de576d7eb37545b4bdf5e3297ec8b293f5c294663925f3
SHA512: 4f2704f06fd9ddac90df14dd97622e1514e4f4319c665d55bcf4f1aadc9b30e1291586646ce71449d762db3d99fd0af2190ee09b0b2ecb877c441b079b7311c0
Behavioral task
behavioral1
Sample
35109a7c184ca56c98de576d7eb37545b4bdf5e3297ec8b293f5c294663925f3.exe
Resource
win7-20220414-en
Malware Config
Extracted
njrat
Hallaj PRO Rat [Fixed]
HacKed
mack2.3utilities.com:5552
bded9d5613797f058ea990770ab6a325
reg_key: bded9d5613797f058ea990770ab6a325
splitter: boolLove
Targets
-
-
Target
35109a7c184ca56c98de576d7eb37545b4bdf5e3297ec8b293f5c294663925f3
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-