General
-
Target
7c0e2d228042abd250597fc95a5b2979cd72d93293bfbe29bb1de6d17fd145b1
-
Size
182KB
-
Sample
221130-x2a28abc9t
-
MD5
3f813aba1631a7a5ce2697b9929e459b
-
SHA1
6f866d5eb7b4e36a4c2854d2a16e70f2560791a2
-
SHA256
7c0e2d228042abd250597fc95a5b2979cd72d93293bfbe29bb1de6d17fd145b1
-
SHA512
46940c020a61d7bbe2455df6ecd5d5f112fd2ef476413c7d79223353b1d0b239223a7155956f5ae452d3285bc5ced6e8117c9c6334d6586a1b373ecb57d5c3b7
-
SSDEEP
3072:7hE1Mmq7x1+iNlp9EqxNZ32GhNvj43sJ/gTQcevUAKen:7i1MT7hp9E+J2GhNXBXMo
Static task
static1
Behavioral task
behavioral1
Sample
7c0e2d228042abd250597fc95a5b2979cd72d93293bfbe29bb1de6d17fd145b1.exe
Resource
win7-20220901-en
Malware Config
Extracted
njrat
v2.0
HacKedNJ
anunankis1.duckdns.org:1515
Windows
-
reg_key
Windows
-
splitter
|-F-|
Targets
-
-
Target
7c0e2d228042abd250597fc95a5b2979cd72d93293bfbe29bb1de6d17fd145b1
-
Size
182KB
-
MD5
3f813aba1631a7a5ce2697b9929e459b
-
SHA1
6f866d5eb7b4e36a4c2854d2a16e70f2560791a2
-
SHA256
7c0e2d228042abd250597fc95a5b2979cd72d93293bfbe29bb1de6d17fd145b1
-
SHA512
46940c020a61d7bbe2455df6ecd5d5f112fd2ef476413c7d79223353b1d0b239223a7155956f5ae452d3285bc5ced6e8117c9c6334d6586a1b373ecb57d5c3b7
-
SSDEEP
3072:7hE1Mmq7x1+iNlp9EqxNZ32GhNvj43sJ/gTQcevUAKen:7i1MT7hp9E+J2GhNXBXMo
-
Drops startup file
-
Suspicious use of SetThreadContext
-