General
-
Target
84e695d98db088f08fc5ec25dff225ac2e2fb23926ae3627a54a40f258c05bb2
-
Size
949KB
-
Sample
221127-f3vdtacc94
-
MD5
5772aeab066ef7b5e603a85a099c68ea
-
SHA1
4bb09277b95884a0697c1d273cd80b318f178e40
-
SHA256
84e695d98db088f08fc5ec25dff225ac2e2fb23926ae3627a54a40f258c05bb2
-
SHA512
59474ddeeef3fd5f8d9eacc4a834cf1031151a1ae480b5f62721ca01e35b23875fc55d2b2415b4bd2560e837d8f6668175ebbacd5909ebad1267bdcbc7b64e0c
-
SSDEEP
24576:e9HWjvDzsdKeDzP8ylUFsgodcDE2VAuFl25:++sdKe/kylUaSEKA35
Behavioral task
behavioral1
Sample
84e695d98db088f08fc5ec25dff225ac2e2fb23926ae3627a54a40f258c05bb2.exe
Resource
win7-20221111-en
Malware Config
Extracted
njrat
0.7d
CS
185.84.181.76:7777
478c00e39fc244a542ec45ecc8f8c475
-
reg_key
478c00e39fc244a542ec45ecc8f8c475
-
splitter
|'|'|
Targets
Modifies Windows Firewall
-
Suspicious use of SetThreadContext
-