General
Target: 0x000a00000001310c-58.dat
Size: 25KB
Sample: 220627-dyplnaage6
MD5: 7398714aa7e951484c0230bd1919a4d7
SHA1: ba27dc586f7de6d5bc21e54a8ba7b02c980b23ac
SHA256: d6355ea09274149b47d0fab0edc18d2627a1866557ac3a4cce6f4f15b586b9c2
SHA512: 391249bdee93f2d2bea6c2c46f791d9533de73c79804a11ac18959fbf3eaf87483988c4fd1310187bf6a8afe3757c302682025b6295380ea0dc6b383693719cf
Static task: static1
Behavioral task: behavioral1
Sample: 0x000a00000001310c-58.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 0x000a00000001310c-58.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
njrat
0.7d
HACKED JFK
103.149.13.61:4545
782e4e93b9158d4d448232ed139fc0db
reg_key: 782e4e93b9158d4d448232ed139fc0db
splitter: |'|'|
Targets
Target: 0x000a00000001310c-58.dat
Score: 10/10
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
Modifies Windows Firewall
Drops startup file
Adds Run key to start application