General
-
Target
a51ec208eb048981670c135d054aeb8f.exe
-
Size
37KB
-
Sample
220827-bz81ksccej
-
MD5
a51ec208eb048981670c135d054aeb8f
-
SHA1
677161255acb2cbceaa53d7401df76ed3206c81d
-
SHA256
3c295858f4185731f2a15d647e388b41a16dd0c190eb8e713c7f7af400506d9c
-
SHA512
31bf8bec98871d72652c7241487d28b0aed235147da0bce250c71b4161389a3b4e073c411d8b53d260a10ca05cfb0307cbc8440b35c9bcb87652dc44124472a9
-
SSDEEP
384:UxmNb7LsikZ9zNf/1uyU71evdjsOaP0rAF+rMRTyN/0L+EcoinblneHQM3epzXSz:XNf4l1lU71e9FacrM+rMRa8NuMxt
Malware Config
Extracted
njrat
im523
HacKed
positive-be.at.playit.gg:14456
dd5b22956b6d7929cd00b2e94303635b
-
reg_key
dd5b22956b6d7929cd00b2e94303635b
-
splitter
|'|'|
Targets
-
-
Target
a51ec208eb048981670c135d054aeb8f.exe
-
Size
37KB
-
MD5
a51ec208eb048981670c135d054aeb8f
-
SHA1
677161255acb2cbceaa53d7401df76ed3206c81d
-
SHA256
3c295858f4185731f2a15d647e388b41a16dd0c190eb8e713c7f7af400506d9c
-
SHA512
31bf8bec98871d72652c7241487d28b0aed235147da0bce250c71b4161389a3b4e073c411d8b53d260a10ca05cfb0307cbc8440b35c9bcb87652dc44124472a9
-
SSDEEP
384:UxmNb7LsikZ9zNf/1uyU71evdjsOaP0rAF+rMRTyN/0L+EcoinblneHQM3epzXSz:XNf4l1lU71e9FacrM+rMRa8NuMxt
Score8/10-
Modifies Windows Firewall
-
Drops startup file
-
Adds Run key to start application
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-