General
-
Target
0x000b000000012315-61.dat
-
Size
23KB
-
Sample
220928-276hjaadeq
-
MD5
142313d7733b824409a828920e97ace1
-
SHA1
12f6be17f7d109e70e10d787203ee3ce501b4ea3
-
SHA256
2ff87e3a4ca06c7e160524b391317b7a9d824eb3ee239651bcf7bf413dd45336
-
SHA512
88d87acb4cf5e85e1753472fccad7105647680d5cc29de628617361ada32cf635b1dc95745e1aba72070301419a77b16b5268b855c4d1b721405d292909750c7
-
SSDEEP
384:O8aLWS0dABLYVq6RxP8MDFF09vK563gRMmJKUv0mRvR6JZlbw8hqIusZzZK9:BXcwt3tRpcnu1
Behavioral task
behavioral1
Sample
0x000b000000012315-61.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
0x000b000000012315-61.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
njrat
0.7d
HacKed
2.tcp.ngrok.io:14402
5cb3161ea3511d9f5e42e30a884c6964
-
reg_key
5cb3161ea3511d9f5e42e30a884c6964
-
splitter
|'|'|
Targets
-
-
Target
0x000b000000012315-61.dat
-
Size
23KB
-
MD5
142313d7733b824409a828920e97ace1
-
SHA1
12f6be17f7d109e70e10d787203ee3ce501b4ea3
-
SHA256
2ff87e3a4ca06c7e160524b391317b7a9d824eb3ee239651bcf7bf413dd45336
-
SHA512
88d87acb4cf5e85e1753472fccad7105647680d5cc29de628617361ada32cf635b1dc95745e1aba72070301419a77b16b5268b855c4d1b721405d292909750c7
-
SSDEEP
384:O8aLWS0dABLYVq6RxP8MDFF09vK563gRMmJKUv0mRvR6JZlbw8hqIusZzZK9:BXcwt3tRpcnu1
Score10/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-