General
-
Target
88bcb388d5f63a2afa5342ba135daa675b2db66cb3c88756f825c73f1af18c6c
-
Size
172KB
-
Sample
221124-2m1rjsgh6z
-
MD5
7deb2b41e5fd27715f608ceabdd9ae2b
-
SHA1
d4b03081a7bd074bcf67feca5cac7b72d3058de7
-
SHA256
88bcb388d5f63a2afa5342ba135daa675b2db66cb3c88756f825c73f1af18c6c
-
SHA512
be6e040236b5e51fb45b7b5c7b42fd0ab8c5ab1b97a545e091dfcc42475a3282ab85368e2b4f9b90bde927d1f5c20ac07e3dcf9894ab5968d9bbeebf13a78b2f
-
SSDEEP
3072:9Scwb0MQmRobmkR7HdbsLR8cy2FnFBmy722Vd94O/ILBkMuszHM1tOW7:eRS7E8cdTBRi2Z4vCMusA142
Behavioral task
behavioral1
Sample
88bcb388d5f63a2afa5342ba135daa675b2db66cb3c88756f825c73f1af18c6c.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
88bcb388d5f63a2afa5342ba135daa675b2db66cb3c88756f825c73f1af18c6c.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
njrat
0.7d
HacKed
127.0.0.1:5552
279f6960ed84a752570aca7fb2dc1552
-
reg_key
279f6960ed84a752570aca7fb2dc1552
-
splitter
|'|'|
Targets
-
-
Target
88bcb388d5f63a2afa5342ba135daa675b2db66cb3c88756f825c73f1af18c6c
-
Size
172KB
-
MD5
7deb2b41e5fd27715f608ceabdd9ae2b
-
SHA1
d4b03081a7bd074bcf67feca5cac7b72d3058de7
-
SHA256
88bcb388d5f63a2afa5342ba135daa675b2db66cb3c88756f825c73f1af18c6c
-
SHA512
be6e040236b5e51fb45b7b5c7b42fd0ab8c5ab1b97a545e091dfcc42475a3282ab85368e2b4f9b90bde927d1f5c20ac07e3dcf9894ab5968d9bbeebf13a78b2f
-
SSDEEP
3072:9Scwb0MQmRobmkR7HdbsLR8cy2FnFBmy722Vd94O/ILBkMuszHM1tOW7:eRS7E8cdTBRi2Z4vCMusA142
Score10/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-