General
-
Target
Script.exe
-
Size
36KB
-
Sample
220708-k89g5sdad8
-
MD5
9b05f6a3c40f3f9830b4430c3d629cb9
-
SHA1
00f8fe80957ffe2d22de2c6fb646d1c14526bae8
-
SHA256
b6279b66628db58ad58eeb264c6495d6e517cd361d667f514831bf45d366e7fb
-
SHA512
f73fa243a9af2dd15232572c0b2dc0d1c4a5df18aac9e5fedc4a6bccf950756e7473154c870462d0201f60d74c5ef883000d51c61067713a9d4d58d220438b09
Behavioral task
behavioral1
Sample
Script.exe
Resource
win7-20220414-en
Malware Config
Extracted
njrat
im523
Лошок
194.71.126.120:17954
13d65a76848c880b980676c6c1cc6341
-
reg_key
13d65a76848c880b980676c6c1cc6341
-
splitter
|'|'|
Targets
-
-
Target
Script.exe
-
Size
36KB
-
MD5
9b05f6a3c40f3f9830b4430c3d629cb9
-
SHA1
00f8fe80957ffe2d22de2c6fb646d1c14526bae8
-
SHA256
b6279b66628db58ad58eeb264c6495d6e517cd361d667f514831bf45d366e7fb
-
SHA512
f73fa243a9af2dd15232572c0b2dc0d1c4a5df18aac9e5fedc4a6bccf950756e7473154c870462d0201f60d74c5ef883000d51c61067713a9d4d58d220438b09
Score10/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Drops startup file
-
Adds Run key to start application
-