General
-
Target
46715abb1e5a7ea1409b29d6fea42c45ce0dfb6c40085a07cab428c78a44a4a1
-
Size
305KB
-
Sample
220707-kn1dqsbeh5
-
MD5
f901b42116f1f8a52cc3abe6d8181135
-
SHA1
09e6a2744d998d2a9d72c164998a19ba2638c3c6
-
SHA256
46715abb1e5a7ea1409b29d6fea42c45ce0dfb6c40085a07cab428c78a44a4a1
-
SHA512
4bae619983e17b077575a6961a94a4d080cebbd44dda1e5369bbcab71d6837dc0e19c95e77fb7c7603db629f580aeab1aeb0dc597168f6ae852c50750cecced1
Static task
static1
Behavioral task
behavioral1
Sample
46715abb1e5a7ea1409b29d6fea42c45ce0dfb6c40085a07cab428c78a44a4a1.exe
Resource
win7-20220414-en
Malware Config
Extracted
njrat
0.7d
Admin
n1313.publicvm.com:6686
3e2ba6e27f6c302ca8093546541e02ce
-
reg_key
3e2ba6e27f6c302ca8093546541e02ce
-
splitter
|'|'|
Targets
-
-
Target
46715abb1e5a7ea1409b29d6fea42c45ce0dfb6c40085a07cab428c78a44a4a1
-
Size
305KB
-
MD5
f901b42116f1f8a52cc3abe6d8181135
-
SHA1
09e6a2744d998d2a9d72c164998a19ba2638c3c6
-
SHA256
46715abb1e5a7ea1409b29d6fea42c45ce0dfb6c40085a07cab428c78a44a4a1
-
SHA512
4bae619983e17b077575a6961a94a4d080cebbd44dda1e5369bbcab71d6837dc0e19c95e77fb7c7603db629f580aeab1aeb0dc597168f6ae852c50750cecced1
-
Modifies Windows Firewall
-
Drops startup file
-
Suspicious use of SetThreadContext
-