General
-
Target
7707d1e0c7a228b3f5b96e36cdf5e078314acd324c47f8b10187e6f394def8f0
-
Size
37KB
-
Sample
220630-xajv2sgcdm
-
MD5
3478d1c07fc20f5109124b7e121f5a36
-
SHA1
b2dc2dac6f5e08d851410596c4965a451a940894
-
SHA256
7707d1e0c7a228b3f5b96e36cdf5e078314acd324c47f8b10187e6f394def8f0
-
SHA512
74941de3551d9036dc84edc4d67b4b4e9208810d533cc8e8a4918814544b7a688f745ee6fdf05200bb5720afa952ec0b0c9689b824b5d3517c466031de2a3209
Behavioral task
behavioral1
Sample
7707d1e0c7a228b3f5b96e36cdf5e078314acd324c47f8b10187e6f394def8f0.exe
Resource
win7-20220414-en
Malware Config
Extracted
njrat
im523
HacKed
svalkabomja333.hopto.org:1978
ee612de36a0d05a31f32d8a935cab2af
-
reg_key
ee612de36a0d05a31f32d8a935cab2af
-
splitter
|'|'|
Targets
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-