General
-
Target
1c4cbc97513c9af8e9ebcb8ea131fe53f73705478ba9e548c8efa6479a44c920
-
Size
92KB
-
Sample
220630-vs3d1adefp
-
MD5
8abf1023307b352cb84c0fcbfad37e12
-
SHA1
42ce68671085b008a05707a2f400a59521a97695
-
SHA256
1c4cbc97513c9af8e9ebcb8ea131fe53f73705478ba9e548c8efa6479a44c920
-
SHA512
9a1b490220dccd74e6130373b28b4167551581b21b603db3410a632f378f4c0761ffd6ecbe91eef7fe5e6cab4347322875e7ed689efdde442e2089b690331885
Static task
static1
Behavioral task
behavioral1
Sample
1c4cbc97513c9af8e9ebcb8ea131fe53f73705478ba9e548c8efa6479a44c920.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
1c4cbc97513c9af8e9ebcb8ea131fe53f73705478ba9e548c8efa6479a44c920.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
njrat
0.7d
HacKed by 7alim
spamerdz9161.hopto.org:53
e2423738f167cfb0cdd3e8eff3fc2c4d
-
reg_key
e2423738f167cfb0cdd3e8eff3fc2c4d
-
splitter
|'|'|
Targets
Target
1c4cbc97513c9af8e9ebcb8ea131fe53f73705478ba9e548c8efa6479a44c920
-
Score
10/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-