General
-
Target
128fb9d8299a5c35f381b45e78e30cb844cc4e356dbe9908d360df89ef056480
-
Size
83KB
-
Sample
221130-wzxmrsdd45
-
MD5
bc702cc32a4b9991061713f237109c51
-
SHA1
fb5d4a93ecd15cc4ba88d467ac15ff1de694774f
-
SHA256
128fb9d8299a5c35f381b45e78e30cb844cc4e356dbe9908d360df89ef056480
-
SHA512
ab862328f7a202e578dfce6ddcf749fc66a8f1d02f13b17ab76c7b26876370c8fc2140a890a0bddfd7bdfd1a8accc3a119561fe655cfeb7939808802d59b960e
-
SSDEEP
1536:iRC1AczgD67rpXxso0+HRrlzFQ7/4wWUpa1a0NfqytDjf:pxc67lXi+Hllzq+j1a0NfH
Static task
static1
Behavioral task
behavioral1
Sample
128fb9d8299a5c35f381b45e78e30cb844cc4e356dbe9908d360df89ef056480.exe
Resource
win7-20220812-en
Malware Config
Extracted
njrat
0.7d
DDD
frankooxyz2.ddns.net:48443
581153482cb6003050ef63cae0773a6e
-
reg_key
581153482cb6003050ef63cae0773a6e
-
splitter
|'|'|
Targets
-
-
Target
128fb9d8299a5c35f381b45e78e30cb844cc4e356dbe9908d360df89ef056480
-
Size
83KB
-
MD5
bc702cc32a4b9991061713f237109c51
-
SHA1
fb5d4a93ecd15cc4ba88d467ac15ff1de694774f
-
SHA256
128fb9d8299a5c35f381b45e78e30cb844cc4e356dbe9908d360df89ef056480
-
SHA512
ab862328f7a202e578dfce6ddcf749fc66a8f1d02f13b17ab76c7b26876370c8fc2140a890a0bddfd7bdfd1a8accc3a119561fe655cfeb7939808802d59b960e
-
SSDEEP
1536:iRC1AczgD67rpXxso0+HRrlzFQ7/4wWUpa1a0NfqytDjf:pxc67lXi+Hllzq+j1a0NfH
-
Suspicious use of SetThreadContext
-