General
-
Target
PROCESO INTERROGATORIO.exe
-
Size
53KB
-
Sample
220829-g5g2yaeba8
-
MD5
c6e8b1894581251abb367d18bc4a41ff
-
SHA1
1087cfe8d7ecb0dd3c1c9ed09b33630a727b27ed
-
SHA256
31e39ad5dbe4e094c86e0ebafb840e927f41666a2b5ece42eee1ac791577f0f0
-
SHA512
3f0cee3d2546f6ead46f69b4ece82b3b34c5dc0a42699de10f26e32a6e62ba07600a6920d884ce6dfa8594dd03ab2af191ff3d067fa3a7442f451c281ccd14c2
-
SSDEEP
768:2Ql62z/5vasnjrynryD13Nlahi7bkQHrRC/PElQH:2Ql6k5vNnC4hD2cCnua
Static task
static1
Behavioral task
behavioral1
Sample
PROCESO INTERROGATORIO.exe
Resource
win7-20220812-en
Malware Config
Extracted
njrat
0.7NC
NYAN CAT
rfrehdfbss.duckdns.org:1881
1f76c002c2fc4baab9
-
reg_key
1f76c002c2fc4baab9
-
splitter
@!#&^%$
Targets
-
-
Target
PROCESO INTERROGATORIO.exe
-
Size
53KB
-
MD5
c6e8b1894581251abb367d18bc4a41ff
-
SHA1
1087cfe8d7ecb0dd3c1c9ed09b33630a727b27ed
-
SHA256
31e39ad5dbe4e094c86e0ebafb840e927f41666a2b5ece42eee1ac791577f0f0
-
SHA512
3f0cee3d2546f6ead46f69b4ece82b3b34c5dc0a42699de10f26e32a6e62ba07600a6920d884ce6dfa8594dd03ab2af191ff3d067fa3a7442f451c281ccd14c2
-
SSDEEP
768:2Ql62z/5vasnjrynryD13Nlahi7bkQHrRC/PElQH:2Ql6k5vNnC4hD2cCnua
Score10/10-
Detect PureCrypter loader
-
PureCrypter
PureCrypter is a loader which is intended for downloading and executing additional payloads.
-
Suspicious use of SetThreadContext
-