General
-
Target
b266c09851a9c4d96a84eb7de5b55f91b1d178ef4124afef225751c9aeb01ce1
-
Size
37KB
-
Sample
220524-1aw26acecp
-
MD5
50c57c18fbe284ec107cc041ba2f9797
-
SHA1
dfdf0cd6c72561049749c843ce04b82029c8d078
-
SHA256
b266c09851a9c4d96a84eb7de5b55f91b1d178ef4124afef225751c9aeb01ce1
-
SHA512
8b59043342c1a5c774056b08c063b04c6845ed60795e3bf7b3414fa417794bcbf17a495a5081e5a7b29c3fc8ac197d416dacc97023844f2c87f81e8bbcdbcf2e
Malware Config
Extracted
njrat
im523
System
goldartem.ddns.net:5552
d1ecd249ee17332db54a2de8e3319626
-
reg_key
d1ecd249ee17332db54a2de8e3319626
-
splitter
|'|'|
Targets
-
-
Target
b266c09851a9c4d96a84eb7de5b55f91b1d178ef4124afef225751c9aeb01ce1
-
Size
37KB
-
MD5
50c57c18fbe284ec107cc041ba2f9797
-
SHA1
dfdf0cd6c72561049749c843ce04b82029c8d078
-
SHA256
b266c09851a9c4d96a84eb7de5b55f91b1d178ef4124afef225751c9aeb01ce1
-
SHA512
8b59043342c1a5c774056b08c063b04c6845ed60795e3bf7b3414fa417794bcbf17a495a5081e5a7b29c3fc8ac197d416dacc97023844f2c87f81e8bbcdbcf2e
Score8/10-
Modifies Windows Firewall
-
Drops startup file
-
Adds Run key to start application
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-