General
-
Target
0x000800000001230f-107.dat
-
Size
93KB
-
Sample
230314-g8q41sga4v
-
MD5
35211dce668b1a3f17aa7ff35d002954
-
SHA1
a0a67c344cae646e02aa152bc1f3ae50066ebe57
-
SHA256
60064d93898e8228a90d538e44610b43c44a67d523feacb55691735853541d3a
-
SHA512
9ca5cdf8c52b9dc12fa02ae37893d2271dd6605bb1a9df8481a2cb12ded1caf0139f045d6c9c90babc58cd6515deed436694c4a6ab899cbaa1fd5ada4d489c56
-
SSDEEP
768:UY3ByiSgmnldjcRoMwrx7Y+DIkIITJbXXKBpOtzux82WXxrjEtCdnl2pi1Rz4Rkr:1ygmlbrq+1NTZBOojEwzGi1dD6DOgS
Behavioral task
behavioral1
Sample
0x000800000001230f-107.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
0x000800000001230f-107.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
njrat
0.7d
HacKed
Ni50Y3AuZXUubmdyb2suaW8Strik:MTA3MTI=
9dd06b690cd90c449e471e22f62d779d
-
reg_key
9dd06b690cd90c449e471e22f62d779d
-
splitter
|'|'|
Targets
-
-
Target
0x000800000001230f-107.dat
-
Score
8/10
-
Disables Task Manager via registry modification
-
Modifies Windows Firewall
-
Drops startup file
-
Legitimate hosting services abused for malware hosting/C2
-
Drops file in System32 directory
-