General
Target: cf745307dd070e56fbb3268b9d5245e94bc7949ef1a3c7fb37932de66cd8e131
Size: 818KB
Sample: 221126-ydrwhaaa46
MD5: ea98acd9b644308e79633fcd989e7e24
SHA1: 4bd6bfe1cdf0ef2c98dfc2fa87c959beebec83a3
SHA256: cf745307dd070e56fbb3268b9d5245e94bc7949ef1a3c7fb37932de66cd8e131
SHA512: 648c838e6ece605d729bb70c8b89e89fb182274fef6dce089300018e2876cc87492d5ba66d539d965ceb4a016e2dc382169cd5c3ceea375346e3b154b8366a66
SSDEEP: 12288:CaWzgMg7v3qnCiMErQohh0F4CCJ8lny/QtaIPMsJFgpg:taHMv6Corjqny/Q/5Yg
Static task: static1
Behavioral task: behavioral1
Sample: cf745307dd070e56fbb3268b9d5245e94bc7949ef1a3c7fb37932de66cd8e131.exe
Resource: win7-20221111-en
Malware Config
Extracted
njrat
0.7d
HacKed
liber8.no-ip.biz:5552
e2b3be92b5029066ba5dd15488d3966c
reg_key: e2b3be92b5029066ba5dd15488d3966c
splitter: |'|'|
Targets
Adds Run key to start application
Suspicious use of SetThreadContext