General
-
Target
8097383fc8d67a40c647b8e892fc7a28a68dc82fa16f51303ae99a5e82c61969
-
Size
919KB
-
Sample
220625-mmrfjsgfgm
-
MD5
396b59946e1211f68e52677de66ccbc6
-
SHA1
fd051f956b1a6764945464666395b077f2ea5462
-
SHA256
8097383fc8d67a40c647b8e892fc7a28a68dc82fa16f51303ae99a5e82c61969
-
SHA512
65030131559f23b61503da19e5725527847247d349022441f07dfdb47a58085484f2825624a6a9feb8bbfe0048a46bd37afe73cd409262bcbbfdd9df538a4712
Static task
static1
Behavioral task
behavioral1
Sample
8097383fc8d67a40c647b8e892fc7a28a68dc82fa16f51303ae99a5e82c61969.exe
Resource
win7-20220414-en
Malware Config
Extracted
njrat
0.7d
fourth#4
soft98.linkpc.net:5550
10e93180d6481ad63a77c2b255d40864
-
reg_key
10e93180d6481ad63a77c2b255d40864
-
splitter
|'|'|
Targets
-
-
Target
8097383fc8d67a40c647b8e892fc7a28a68dc82fa16f51303ae99a5e82c61969
-
Size
919KB
-
MD5
396b59946e1211f68e52677de66ccbc6
-
SHA1
fd051f956b1a6764945464666395b077f2ea5462
-
SHA256
8097383fc8d67a40c647b8e892fc7a28a68dc82fa16f51303ae99a5e82c61969
-
SHA512
65030131559f23b61503da19e5725527847247d349022441f07dfdb47a58085484f2825624a6a9feb8bbfe0048a46bd37afe73cd409262bcbbfdd9df538a4712
-
Modifies Windows Firewall
-
Drops startup file
-
Suspicious use of SetThreadContext
-