General
-
Target
1bb73eb13cab3a1466b144bcc51209e88489f2b50c4377f5d25ad920778adb5a
-
Size
43KB
-
Sample
220724-rqq2eafegn
-
MD5
fcddbabbf805667024ef378fd5871102
-
SHA1
ab74bfd5b176ab3ce6f5e4d1423b76055c24d395
-
SHA256
1bb73eb13cab3a1466b144bcc51209e88489f2b50c4377f5d25ad920778adb5a
-
SHA512
6f06b0df91b7799bae0450926c1f48f78bc1e46eae01872f19731b5570bff227b8eb4a89f4089704a19c75de46f33e1c39d1810c6fff1e87361e8cfd208489d6
Behavioral task
behavioral1
Sample
1bb73eb13cab3a1466b144bcc51209e88489f2b50c4377f5d25ad920778adb5a.exe
Resource
win7-20220718-en
Malware Config
Extracted
njrat
Njrat 0.7 Golden By Hassan Amiri
HacKed
95.27.105.214:5554
Windows Update
-
reg_key
Windows Update
-
splitter
|Hassan|
Targets
-
-
Target
1bb73eb13cab3a1466b144bcc51209e88489f2b50c4377f5d25ad920778adb5a
-
Size
43KB
-
MD5
fcddbabbf805667024ef378fd5871102
-
SHA1
ab74bfd5b176ab3ce6f5e4d1423b76055c24d395
-
SHA256
1bb73eb13cab3a1466b144bcc51209e88489f2b50c4377f5d25ad920778adb5a
-
SHA512
6f06b0df91b7799bae0450926c1f48f78bc1e46eae01872f19731b5570bff227b8eb4a89f4089704a19c75de46f33e1c39d1810c6fff1e87361e8cfd208489d6
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-