General
Target: 8d1dcdebddc85388dca9b70406891e7a1b2b1259c7e4622d7a58c2faca1efaea
Size: 60KB
Sample: 221125-jbkxvaee6v
MD5: 27ea2eade45d9fcd4801e600f2fdba39
SHA1: 8b68041329c29bf145097a5726f6f9809992722b
SHA256: 8d1dcdebddc85388dca9b70406891e7a1b2b1259c7e4622d7a58c2faca1efaea
SHA512: 93b5223c5812979367905ed1d7eb06b358e1ab04fe6b8a5525c9ce02cb8c184abfe6c69da3f73a1bbf4095f47bea3fe844371e0429ccd6366cd75f153f19335f
SSDEEP: 1536:EOIkevE/Lk4alliH7hdKPg6KhG29jLhOlG:+kebvL0g41A29wl
Behavioral task: behavioral1
Sample: 8d1dcdebddc85388dca9b70406891e7a1b2b1259c7e4622d7a58c2faca1efaea.exe
Resource: win7-20220901-en
Malware Config
Extracted
njrat
0.6.4
HacKed
127.0.0.1:1177
6e6d18dc41426799a2afcd0247b20dc4
reg_key: 6e6d18dc41426799a2afcd0247b20dc4
splitter: |'|'|
Targets
Target: 8d1dcdebddc85388dca9b70406891e7a1b2b1259c7e4622d7a58c2faca1efaea
Score: 10/10
Executes dropped EXE
Modifies Windows Firewall
Checks computer location settings
    Looks up country code configured in the registry, likely geofence.
Drops startup file
Loads dropped DLL
Adds Run key to start application