General
Target: 716a3ae4955961491f5a1ca476631134ca74e60c8a7e184af52315d4b8905fd5
Size: 23KB
Sample: 221003-cwf13acbg5
MD5: 706a042d619c342ef8ec52dd3ada8e4d
SHA1: e0f804beab0021d19bf81798a634036be7acf2ef
SHA256: 716a3ae4955961491f5a1ca476631134ca74e60c8a7e184af52315d4b8905fd5
SHA512: 8c996efef1efd97027882ce39245540f0eaf33e45ccc541c4ad0feb29f0bcb427568bb922068c0775f41791235f40c2fec65f6766af6bdbb45cdcf8a2e26d42f
SSDEEP: 384:U8aLWS0dABLYVq6RxP8MDFF09vK563gRMmJKUv0mRvR6JZlbw8hqIusZzZiX:zXcwt3tRpcnun
Behavioral task
behavioral1
Sample: 716a3ae4955961491f5a1ca476631134ca74e60c8a7e184af52315d4b8905fd5.exe
Resource: win7-20220812-en
Malware Config
Extracted
njrat
0.7d
HacKed
127.0.0.1:5552
23f0e3bce589df29a3e6f3e8879b41c1
reg_key: 23f0e3bce589df29a3e6f3e8879b41c1
splitter: |'|'|
Targets
Executes dropped EXE
Modifies Windows Firewall
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL