General
-
Target
0ead535096595299c8f0d61f477c1496b73fdd27fecd2b64c4d4601a235b2d9c
-
Size
43KB
-
Sample
220524-tjg62acfcq
-
MD5
e1cf67b4d9d8f97c560ead779c2db107
-
SHA1
5babfb850f0e496a23c688a512fb314e3d149bdc
-
SHA256
0ead535096595299c8f0d61f477c1496b73fdd27fecd2b64c4d4601a235b2d9c
-
SHA512
49296af4b4f9710a6a37f21cef30fe186d748e34d15e258b25920d8991ff92824499209969da5925c6a3caea555298a201ab597360ff659daede5b3ba17fe026
Behavioral task
behavioral1
Sample
0ead535096595299c8f0d61f477c1496b73fdd27fecd2b64c4d4601a235b2d9c.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
0ead535096595299c8f0d61f477c1496b73fdd27fecd2b64c4d4601a235b2d9c.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
njrat
Njrat 0.7 Golden By Hassan Amiri
topher
0.tcp.ngrok.io:15575
Windows Update
-
reg_key
Windows Update
-
splitter
|Hassan|
Targets
-
-
Target
0ead535096595299c8f0d61f477c1496b73fdd27fecd2b64c4d4601a235b2d9c
Score
10/10
-
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
-
Drops startup file
-