General
-
Target
a04136fe0299b81fe404d9e5257c34e7.exe
-
Size
37KB
-
Sample
230101-1z3k8sfh8v
-
MD5
a04136fe0299b81fe404d9e5257c34e7
-
SHA1
2a7613d3b52fefbb202bba06c8785104f8574808
-
SHA256
9ff3694bdfc5948780928f3f5f2eddb442c8ee29b403d7ba3823b77a5292edf2
-
SHA512
0db1c72e7e9ac2ee6f32b6f255cd8304d860135be3b8b0a8bce982260700f800640f9fbf26fc9bb18766cfe557f319d617894d9fca74fc87bb1b3bd24d01a76a
-
SSDEEP
384:hOSvEiTbTvpWNcZ0y8fvCv3v3cLkacpjrAF+rMRTyN/0L+EcoinblneHQM3epzXH:ES7TZ38fvCv3E1c1rM+rMRa8Nue4t
Behavioral task
behavioral1
Sample
a04136fe0299b81fe404d9e5257c34e7.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
a04136fe0299b81fe404d9e5257c34e7.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
njrat
im523
HacKed
2.tcp.eu.ngrok.io:10008
25ffb1a66b4748fe7537df7005cc8e55
-
reg_key
25ffb1a66b4748fe7537df7005cc8e55
-
splitter
|'|'|
Targets
-
-
Target
a04136fe0299b81fe404d9e5257c34e7.exe
-
Size
37KB
-
MD5
a04136fe0299b81fe404d9e5257c34e7
-
SHA1
2a7613d3b52fefbb202bba06c8785104f8574808
-
SHA256
9ff3694bdfc5948780928f3f5f2eddb442c8ee29b403d7ba3823b77a5292edf2
-
SHA512
0db1c72e7e9ac2ee6f32b6f255cd8304d860135be3b8b0a8bce982260700f800640f9fbf26fc9bb18766cfe557f319d617894d9fca74fc87bb1b3bd24d01a76a
-
SSDEEP
384:hOSvEiTbTvpWNcZ0y8fvCv3v3cLkacpjrAF+rMRTyN/0L+EcoinblneHQM3epzXH:ES7TZ38fvCv3E1c1rM+rMRa8Nue4t
Score8/10-
Modifies Windows Firewall
-
Drops startup file
-
Adds Run key to start application
-