General
Target: 12db2daa8cb68fce8c7ac779d317c6f803477bbefcced7ac9cb779bf674cb0e0
Size: 23KB
Sample: 220701-emg8wabccp
MD5: c3937e4173da9306dc07e161ae067436
SHA1: cbfe2e5dcf01bdeca85d4b15bc258c97411f1c66
SHA256: 12db2daa8cb68fce8c7ac779d317c6f803477bbefcced7ac9cb779bf674cb0e0
SHA512: 5fb4e8cbd7f6e3383368833531f60ebb05d59c5f746cc52012c50820332db28019a55f622db48087428a79fc8fe706c7297af14f6c239af0c25bd665dc1dc0ba
Behavioral task: behavioral1
Sample: 12db2daa8cb68fce8c7ac779d317c6f803477bbefcced7ac9cb779bf674cb0e0.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 12db2daa8cb68fce8c7ac779d317c6f803477bbefcced7ac9cb779bf674cb0e0.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
njrat
0.7d
HacKed
fsky2.hopto.org:5552
2cc58bd89a2903b40440fbd58d12d95c
reg_key: 2cc58bd89a2903b40440fbd58d12d95c
splitter: |'|'|
Targets
Target: 12db2daa8cb68fce8c7ac779d317c6f803477bbefcced7ac9cb779bf674cb0e0
Score: 10/10
Executes dropped EXE
Modifies Windows Firewall
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application