General
-
Target
8832940373.zip
-
Size
38KB
-
Sample
230122-3l31yscb2s
-
MD5
d6e4e053c4b010e73150c9a8d1d3ee0c
-
SHA1
6dfd0f7b6ab6978d41dae05c1db40f5ab369f532
-
SHA256
018a3a5163333ffffdcd6d1d65be2d3896a17f904716b2f6f95716ec7428abc1
-
SHA512
edcdf35c9af6b986ccd0a671ce931ea5daffcd154844641743c95377ea0851790ac3640e417a9795b4e726351d6eda2a88214e276d1ec44460023d05bbf64910
-
SSDEEP
768:lKk9r4VTg0/hIK+P0nHZBDJp2TKkhZHTUros3ufEWCUkOg5uPfxLQByhJOfL8:lFcO0/hIK+cHZxzeZHTW73ufENUkOgoJ
Static task
static1
Behavioral task
behavioral1
Sample
f843b206655a34d936989941f9d6e967435ea9d1d19b502b8e30948ba5cc1b14.ps1
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
f843b206655a34d936989941f9d6e967435ea9d1d19b502b8e30948ba5cc1b14.ps1
Resource
win10v2004-20221111-en
Malware Config
Extracted
njrat
v2.0
2525252525252525
2525.libya2020.com.ly:2525
Windows
-
reg_key
Windows
-
splitter
|-F-|
Targets
-
-
Target
f843b206655a34d936989941f9d6e967435ea9d1d19b502b8e30948ba5cc1b14
-
Size
100KB
-
MD5
11eca7330044f41bbcd5e140ff0a7fb5
-
SHA1
9ab3b80a05c2ed5c585748423bd56ad9b59ff63f
-
SHA256
f843b206655a34d936989941f9d6e967435ea9d1d19b502b8e30948ba5cc1b14
-
SHA512
5130b4e90af5c9872f80deaea96088fff9822caf6fb2e286aa11b0756d4a1007e260215d3b7aa9b8cd7644909b2a7ff07a7750f54e7ec064c59dd9b4d00bbc56
-
SSDEEP
1536:RZlZSkyJaVIg/+QZsHXGwrAfKYSh5fmv1xqvg:RYg
Score
10/10
-
Drops startup file
-
Suspicious use of SetThreadContext
-