Overview

overview

10

Static

static

10

Wauuf'sSoundBoard.exe

windows7-x64

8

Wauuf'sSoundBoard.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Wauuf'sSoundBoard.exe

  • Size

    93KB

  • Sample

    220924-ysf3jsdbgp

  • MD5

    02f24f9c3195e2c2d485087b60b3c6b1

  • SHA1

    960bbb1d29c4089f1399bba073d236161abc5ca7

  • SHA256

    6623445697710d6fcf3fb987ae2d4c0b2b0433f5b18f4895e39e123f1c9960b9

  • SHA512

    8d5eaa0b68ec49d30b981790e6b76bd6737a9666b693afee3d5f0a0dc25ffeed8ac215578c967d0732845b385d647e9e7a0322ce0a235c1d9e4cc419dfcd65e2

  • SSDEEP

    768:zY3XxnD9O/pBcxYsbae6GIXb9pDX2t98PL0OXLeuXxrjEtCdnl2pi1Rz4Rk36sGx:CxxOx6baIa9RZj00ljEwzGi1dD2D9gS

Score
10/10
njrathackedevasion

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

FRANSESCOTI3LjAuFRANSESCOC4x:MTYwNQ==

Mutex

df3759c0f17ba8dcfd6fe599472f512b

Attributes
  • reg_key

    df3759c0f17ba8dcfd6fe599472f512b

  • splitter

    |'|'|

Targets

    • Target

      Wauuf'sSoundBoard.exe

    • Size

      93KB

    • MD5

      02f24f9c3195e2c2d485087b60b3c6b1

    • SHA1

      960bbb1d29c4089f1399bba073d236161abc5ca7

    • SHA256

      6623445697710d6fcf3fb987ae2d4c0b2b0433f5b18f4895e39e123f1c9960b9

    • SHA512

      8d5eaa0b68ec49d30b981790e6b76bd6737a9666b693afee3d5f0a0dc25ffeed8ac215578c967d0732845b385d647e9e7a0322ce0a235c1d9e4cc419dfcd65e2

    • SSDEEP

      768:zY3XxnD9O/pBcxYsbae6GIXb9pDX2t98PL0OXLeuXxrjEtCdnl2pi1Rz4Rk36sGx:CxxOx6baIa9RZj00ljEwzGi1dD2D9gS

    Score
    8/10
    evasion

    • Disables Task Manager via registry modification

      evasion

    • Modifies Windows Firewall

      evasion

    • Drops startup file

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks