General
-
Target
bK97.exe
-
Size
23KB
-
Sample
230318-ep8hvabb75
-
MD5
b34802dba5ce54b363ef217a48b6b9d1
-
SHA1
ee3f242b86d3b07b8fc36f9330719296465db856
-
SHA256
5bd47252eb9d1cdb54c533f45946c48d9ecbcba512336e7ee137953349757ff3
-
SHA512
b87cc719377931a36e49394494095efcdc567789374852f053e4674347f5ae65dc561842fc322cf0b4f7549ca5bac64fd22ca3e1d03cfb02e78d0986c847a86b
-
SSDEEP
384:woWtkEwn65rgjAsGipk55D16xgXakhbZD0mRvR6JZlbw8hqIusZzZM3:/7O89p2rRpcnul
Behavioral task
behavioral1
Sample
bK97.exe
Resource
win7-20230220-en
Malware Config
Extracted
njrat
0.7d
HacKed
0.tcp.ngrok.io:17506
db4fd7d140aa221059113328d0539f84
-
reg_key
db4fd7d140aa221059113328d0539f84
-
splitter
|'|'|
Targets
-
-
Target
bK97.exe
-
Modifies Windows Firewall
-
Legitimate hosting services abused for malware hosting/C2
-