General
-
Target
da1e7c7c27b4846da4557a0b766285dffcf4be704327afad1eaa2fe75b42e5ed
-
Size
43KB
-
Sample
220520-xcna9afcbl
-
MD5
2cbedbd088a2d679fa54e49f1ca04f07
-
SHA1
933e21bf76b0d6c43e670c58ce32a7785696bb1a
-
SHA256
da1e7c7c27b4846da4557a0b766285dffcf4be704327afad1eaa2fe75b42e5ed
-
SHA512
25144360822c308cc22b8f4f722fed662390aac5d0460452dcdd01445e996fe3982514cf976ae3ef129795d8fa565fcb992acd438eafa3fa20b975278b99ae9b
Behavioral task
behavioral1
Sample
da1e7c7c27b4846da4557a0b766285dffcf4be704327afad1eaa2fe75b42e5ed.exe
Resource
win7-20220414-en
Malware Config
Extracted
njrat
Njrat 0.7 Golden By Hassan Amiri
HacKed
gazik500,ddns.net:9292
Windows Update
-
reg_key
Windows Update
-
splitter
|Hassan|
Targets
-
-
Target
da1e7c7c27b4846da4557a0b766285dffcf4be704327afad1eaa2fe75b42e5ed
-
Size
43KB
-
MD5
2cbedbd088a2d679fa54e49f1ca04f07
-
SHA1
933e21bf76b0d6c43e670c58ce32a7785696bb1a
-
SHA256
da1e7c7c27b4846da4557a0b766285dffcf4be704327afad1eaa2fe75b42e5ed
-
SHA512
25144360822c308cc22b8f4f722fed662390aac5d0460452dcdd01445e996fe3982514cf976ae3ef129795d8fa565fcb992acd438eafa3fa20b975278b99ae9b
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-