General
-
Target
BlazingPackLauncher.bin
-
Size
27KB
-
Sample
220707-vypebscfbk
-
MD5
4e6257378e1a8c3e6342d5536cf1c7c5
-
SHA1
e2b05f484e86a325ab8f97b7c56dcb54aa235e53
-
SHA256
f644a893d8011489f48ca271be1a4cf0ce24aad62fb3173284075c51ad13f3c0
-
SHA512
cf4eceeda3c74579e258a20c70d3484b2d68c81584d688cef8766ebe1e7e6f4861dcadca41b6782f0e6717fb859401b5872f3c5e550572700584324b2c933417
Static task
static1
Behavioral task
behavioral1
Sample
BlazingPackLauncher.exe
Resource
win7-20220414-en
Malware Config
Extracted
njrat
v4.0
DosehHaker
property-served.at.playit.gg:13426
Windows Update
-
reg_key
Windows Update
-
splitter
|-F-|
Targets
-
-
Target
BlazingPackLauncher.bin
-
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Deletes itself
-
Drops startup file
-
Legitimate hosting services abused for malware hosting/C2
-