General
-
Target
769cc15b10655af128f470fafa6fcd9b674866471d961077364ebf0a879ffa0d
-
Size
40KB
-
Sample
221122-yc52qseg76
-
MD5
76549b8baa923d9d124fce400c715f80
-
SHA1
58b2c7bb1fb4c0c931cca5c28b13bf7c604be0db
-
SHA256
769cc15b10655af128f470fafa6fcd9b674866471d961077364ebf0a879ffa0d
-
SHA512
65b34b982745c291a3749250d1aaf43a1e72856166f09085f9e540f6ab3d63f4da692bab44f1d92257f47adbcf8517c2232d3a89a7f2addbbffdc7c73c22ceb0
-
SSDEEP
768:zu72rHLuCsVwWmd3pgEwJ+i/cEwZeHh29l:6sH5sVwWmdZHG+iEEwgH09l
Static task
static1
Behavioral task
behavioral1
Sample
769cc15b10655af128f470fafa6fcd9b674866471d961077364ebf0a879ffa0d.exe
Resource
win7-20221111-en
Malware Config
Extracted
njrat
0.7d
hacker
xxx99.zapto.org:88
6f39b86be99d1b95bd864356980f5434
-
reg_key
6f39b86be99d1b95bd864356980f5434
-
splitter
|'|'|
Targets
-
-
Target
769cc15b10655af128f470fafa6fcd9b674866471d961077364ebf0a879ffa0d
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-