General
-
Target
Server.exe
-
Size
37KB
-
Sample
220708-lg1atsddf8
-
MD5
87c4e9c65ce8e229349d1e75e8a6c527
-
SHA1
f3fff28bb37cdb29ccc0323931ba4d8cbf10b6b6
-
SHA256
a2047f7e4d6186f24cf416a7104f7d6d939b1fa8608604c6572fb483734d0af2
-
SHA512
041382aeb962e61bacd541fa8ace8453cb25d9ae0b8c0e47c3d8f00ece7ce3c8edf4e06bdf6aa4c57cb6e3971d3c3e94366f502cedd6e45bc4684c559b33fd09
Behavioral task
behavioral1
Sample
Server.exe
Resource
win7-20220414-en
Malware Config
Extracted
njrat
im523
Лошок
194.71.126.120:17954
13d65a76848c880b980676c6c1cc6341
-
reg_key
13d65a76848c880b980676c6c1cc6341
-
splitter
|'|'|
Targets
-
-
Target
Server.exe
-
Size
37KB
-
MD5
87c4e9c65ce8e229349d1e75e8a6c527
-
SHA1
f3fff28bb37cdb29ccc0323931ba4d8cbf10b6b6
-
SHA256
a2047f7e4d6186f24cf416a7104f7d6d939b1fa8608604c6572fb483734d0af2
-
SHA512
041382aeb962e61bacd541fa8ace8453cb25d9ae0b8c0e47c3d8f00ece7ce3c8edf4e06bdf6aa4c57cb6e3971d3c3e94366f502cedd6e45bc4684c559b33fd09
Score10/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Drops startup file
-
Adds Run key to start application
-