General
-
Target
1e2e9ab6922a84faefb4552684428fad0bf3d004d24a28488bccaf198a886bbd
-
Size
312KB
-
Sample
221128-xwq69adh9v
-
MD5
27da27f550d60b37e243f9733c018f11
-
SHA1
d2250bbb48045077964ee4560f9e99751d64ce4e
-
SHA256
1e2e9ab6922a84faefb4552684428fad0bf3d004d24a28488bccaf198a886bbd
-
SHA512
75a04df6a87b3c9fca3c622e68af2360ef14ce6e9a313fcd25f626c7fcdeb79110e280c2784032f63620b2c8b59d10cc604e66c8d7067d42ee552d3d7a8b27a8
-
SSDEEP
6144:AP5Fpp8lzpRGL54RxK7QJG8K4WjJHBoOaqF9qG93WSctuwMirVQAV:ARRm1Rm5+zkZlzoOaqFgGrctPMmO
Static task
static1
Behavioral task
behavioral1
Sample
1e2e9ab6922a84faefb4552684428fad0bf3d004d24a28488bccaf198a886bbd.exe
Resource
win7-20221111-en
Malware Config
Extracted
njrat
0.7d
HacKed
sysmanage.linkpc.net:770
f9d8cee92230c9ed2db4e6f696eac8a3
-
reg_key
f9d8cee92230c9ed2db4e6f696eac8a3
-
splitter
|'|'|
Targets
-
-
Target
1e2e9ab6922a84faefb4552684428fad0bf3d004d24a28488bccaf198a886bbd
-
Score
10/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-