General
-
Target
128a3a8ca2f63f12a3f5c52c11635989bc2b3dd14e705b8868817c9bf7623426
-
Size
43KB
-
Sample
220520-z4qa2adea4
-
MD5
7557d4d25110dd9da2ec0decf9371c87
-
SHA1
4c836fc63e4ecb4edef195b11fe467a94a7ce7ee
-
SHA256
128a3a8ca2f63f12a3f5c52c11635989bc2b3dd14e705b8868817c9bf7623426
-
SHA512
24de0797d58f68347cee803b7d49df892c1f1ec679df173539d95a5e20978b32b9a657e1c51248dce0ebaab1960708186347f14e4470684e623242301804fe0b
Behavioral task
behavioral1
Sample
128a3a8ca2f63f12a3f5c52c11635989bc2b3dd14e705b8868817c9bf7623426.exe
Resource
win7-20220414-en
Malware Config
Extracted
njrat
Njrat 0.7 Golden By Hassan Amiri
HacKed
nanat.ddns.net :1604
Windows Update
-
reg_key
Windows Update
-
splitter
|Hassan|
Targets
-
-
Target
128a3a8ca2f63f12a3f5c52c11635989bc2b3dd14e705b8868817c9bf7623426
-
Size
43KB
-
MD5
7557d4d25110dd9da2ec0decf9371c87
-
SHA1
4c836fc63e4ecb4edef195b11fe467a94a7ce7ee
-
SHA256
128a3a8ca2f63f12a3f5c52c11635989bc2b3dd14e705b8868817c9bf7623426
-
SHA512
24de0797d58f68347cee803b7d49df892c1f1ec679df173539d95a5e20978b32b9a657e1c51248dce0ebaab1960708186347f14e4470684e623242301804fe0b
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-