General
-
Target
60ce543102c48a9700274dbdb980d46397062a1323416b9b8b9202342a2424f1
-
Size
208KB
-
Sample
221019-svxv7aeadk
-
MD5
a2251f05c5c83784fb16102a8f3b77f0
-
SHA1
061ea47baf8ef7eda67c7d5af559f17df50a92dc
-
SHA256
60ce543102c48a9700274dbdb980d46397062a1323416b9b8b9202342a2424f1
-
SHA512
339601588958024a402a778970459cfe1c8192e6909f95d23f3e821abc38c18e93e077f3fa5b6806d8f951fa6afd399efefb084e8395162432f4c8ab46df50da
-
SSDEEP
6144:P1VaBHUB2HtM0Nzqdkho5fMq6taZHC2Ys:faFUB2POiKNIaZ3Ys
Static task
static1
Behavioral task
behavioral1
Sample
60ce543102c48a9700274dbdb980d46397062a1323416b9b8b9202342a2424f1.exe
Resource
win7-20220901-en
Malware Config
Extracted
njrat
0.6.4
hack
127.0.0.1:1177
ba4c12bee3027d94da5c81db2d196bfd
-
reg_key
ba4c12bee3027d94da5c81db2d196bfd
-
splitter
|'|'|
Targets
-
-
Target
60ce543102c48a9700274dbdb980d46397062a1323416b9b8b9202342a2424f1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-