General
-
Target
c47b12eef22b3634c0757a9012eed2cb.exe
-
Size
37KB
-
Sample
220531-aawtaabehq
-
MD5
c47b12eef22b3634c0757a9012eed2cb
-
SHA1
906c940fc31587d5b9c3e144f633506e99c92649
-
SHA256
f048700ad1b8f6ef08a228f88c5f0ae60b5b8a75ff42ea1587a0865142ef87fc
-
SHA512
91676965e494d976be7a539c8671b97b4ccb7898651a53f59e9d43b7620695941e4ccbdde0da7eb6c8844992250061cb63f5e570f16030f3c5544ed37dcc2e47
Behavioral task
behavioral1
Sample
c47b12eef22b3634c0757a9012eed2cb.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
c47b12eef22b3634c0757a9012eed2cb.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
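Family: njrat
Version: im523
Botnet: BOT
C2: 2.tcp.eu.ngrok.io:15441 (ngrok TCP tunnel endpoint; the hostname is shared ngrok infrastructure, so the host:port pair is the indicator, not the domain alone)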
88489d1083fd6ed1fecee39e01330c6c
-
reg_key
88489d1083fd6ed1fecee39e01330c6c
-
splitter
|'|'|
Targets
-
-
Target
c47b12eef22b3634c0757a9012eed2cb.exe
-
Size
37KB
-
MD5
c47b12eef22b3634c0757a9012eed2cb
-
SHA1
906c940fc31587d5b9c3e144f633506e99c92649
-
SHA256
f048700ad1b8f6ef08a228f88c5f0ae60b5b8a75ff42ea1587a0865142ef87fc
-
SHA512
91676965e494d976be7a539c8671b97b4ccb7898651a53f59e9d43b7620695941e4ccbdde0da7eb6c8844992250061cb63f5e570f16030f3c5544ed37dcc2e47
Score
10/10
-
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
-
Modifies Windows Firewall
-
Drops startup file
-
Adds Run key to start application
-