General
-
Target
c9631ad9ffaef823832bca97bc8c0a546a32ac3826af96220bb72c5fdd73856b
-
Size
23KB
-
Sample
220520-rrysmsbcan
-
MD5
688dfb26a4368c7358860736f1201392
-
SHA1
51994d18b2cc339f1d8cb507be6f04d607d8540d
-
SHA256
c9631ad9ffaef823832bca97bc8c0a546a32ac3826af96220bb72c5fdd73856b
-
SHA512
b9e44e430fcab893f965596bb0b8adb94ee712414a1e0cef70b6497966640e264f260c8639fef837f5a87382ef16c6215187fdf0ba72c5da59ed8aca25f36350
Behavioral task
behavioral1
Sample
c9631ad9ffaef823832bca97bc8c0a546a32ac3826af96220bb72c5fdd73856b.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
c9631ad9ffaef823832bca97bc8c0a546a32ac3826af96220bb72c5fdd73856b.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
njrat
0.7d
Hacked
abdulaziz.ddns.net:1177
8260cbb41b0c678f9045b3e5caec0609
-
reg_key
8260cbb41b0c678f9045b3e5caec0609
-
splitter
|'|'|
Targets
-
-
Target
c9631ad9ffaef823832bca97bc8c0a546a32ac3826af96220bb72c5fdd73856b
-
Size
23KB
-
MD5
688dfb26a4368c7358860736f1201392
-
SHA1
51994d18b2cc339f1d8cb507be6f04d607d8540d
-
SHA256
c9631ad9ffaef823832bca97bc8c0a546a32ac3826af96220bb72c5fdd73856b
-
SHA512
b9e44e430fcab893f965596bb0b8adb94ee712414a1e0cef70b6497966640e264f260c8639fef837f5a87382ef16c6215187fdf0ba72c5da59ed8aca25f36350
Score10/10-
Modifies Windows Firewall
-
Adds Run key to start application
-