General
Target: 8e76fd1b71135c84d74fb41915f637309b9584b6565886f5f26cdf142df114cd
Size: 82KB
Sample: 221003-bb5m9abcgl
MD5: 6c670d327ca3c047dd87e04519adad30
SHA1: fd6f02ad9dee2457ee8bbefceeaa437bee636fd2
SHA256: 8e76fd1b71135c84d74fb41915f637309b9584b6565886f5f26cdf142df114cd
SHA512: f0d1a41904b80e358c041d4b54d28a56e7dd7f6eb12d64deff091508b493f3fcd4c02a4d675f1e1cdee9dd929e8ed779761ef578c4c8944749bb80233c783451
SSDEEP: 1536:KfcJmBgWnjIJSZwlB2hBjsV+1q51ALBYU:KcugiIRB2jKU
Static task: static1
Behavioral task: behavioral1
Sample: 8e76fd1b71135c84d74fb41915f637309b9584b6565886f5f26cdf142df114cd.exe
Resource: win7-20220901-en
Malware Config
Extracted
njrat
0.7d
HacKed
anwarmaxa.no-ip.biz:4498
abc4c646bbdae26ea820ad4be4d0c672
reg_key: abc4c646bbdae26ea820ad4be4d0c672
splitter: |'|'|
Targets
Target: 8e76fd1b71135c84d74fb41915f637309b9584b6565886f5f26cdf142df114cd
Executes dropped EXE
Modifies Windows Firewall
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Loads dropped DLL