General
-
Target
850072b510695bd8649daad557e371b869054361e888d1aa4ffa51cf8e8c7c87
-
Size
37KB
-
Sample
220521-avz2fadghl
-
MD5
bb9d4ebcc754a7e6cb7536b735d85fdf
-
SHA1
62a93b979c2634af2b39520df73249747bbed84c
-
SHA256
850072b510695bd8649daad557e371b869054361e888d1aa4ffa51cf8e8c7c87
-
SHA512
e727a8e987da902339c6ceef93e163fedaa8a0a03c5e0784ac919653f0428f8723ebab7d232cef80bd1337956254c4333fba500ee85fdfdc2a80884822e48363
Behavioral task
behavioral1
Sample
850072b510695bd8649daad557e371b869054361e888d1aa4ffa51cf8e8c7c87.exe
Resource
win7-20220414-en
Malware Config
Extracted
njrat
im523
HacKed
miop.ddns.net:2280
18df5afc301de09badbb5fa494c2daf3
-
reg_key
18df5afc301de09badbb5fa494c2daf3
-
splitter
|'|'|
Targets
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-