General
-
Target
9029b3cdc4918747103baada7afb81d52d2c5fe1ce3c63e15a519c0cd011947a
-
Size
83KB
-
Sample
221003-bbx86shgg4
-
MD5
61daf3b921cc002b1363019a214a9f40
-
SHA1
1060308f6ad7df8f0f6c3770323185fec0bc2bbc
-
SHA256
9029b3cdc4918747103baada7afb81d52d2c5fe1ce3c63e15a519c0cd011947a
-
SHA512
4cd6e63aa383b8f4ba05cdc756169c06736c4381705096f512dfe34d2d86c745e0d6d789a3fb1950978e67c6915fc7ecf551d71206160a4f9cf62fb2d6c9b97d
-
SSDEEP
1536:zLxrqW3uc5sl5h8cfOjELHcRRUvwgu0VUqBRg/T:fxrqW34hdcRRkwgVAr
Static task
static1
Behavioral task
behavioral1
Sample
9029b3cdc4918747103baada7afb81d52d2c5fe1ce3c63e15a519c0cd011947a.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
9029b3cdc4918747103baada7afb81d52d2c5fe1ce3c63e15a519c0cd011947a.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
njrat
0.7d
HacKed
akraara.ddns.net:1998
6c41a042f5e13cf3b153e2636d60f243
-
reg_key
6c41a042f5e13cf3b153e2636d60f243
-
splitter
|'|'|
Targets
-
-
Target
9029b3cdc4918747103baada7afb81d52d2c5fe1ce3c63e15a519c0cd011947a
-
Score
10/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-