General
-
Target
283f984e7a793e1a0ad00c17b284ada9.exe
-
Size
93KB
-
Sample
230401-nekhpsba9v
-
MD5
283f984e7a793e1a0ad00c17b284ada9
-
SHA1
30a801cb254f6b98d3ddaf50229a339bd8fc11e3
-
SHA256
7b1b00b295cd0c9635e581531b5e6e5e78e769601f007b6e8f75416f5cd5f4e9
-
SHA512
8ecc0258fdf2d76188769575d082dc0f54210526affbfcfa1579ccca8a3d7cf9b531151f16676276a0f680397a980415cada5f63ea58df5b53d63c52759c43c5
-
SSDEEP
1536:UZxJKnYi9bRSCKZIYVnt0XIoqsJAPNwHyNFVTlnk:UDJ0Yi9bRSFZIYxt0XIokPzrR
Behavioral task
behavioral1
Sample
283f984e7a793e1a0ad00c17b284ada9.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
283f984e7a793e1a0ad00c17b284ada9.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
njrat
v2.0
HacKed
study-silly.at.ply.gg:42876
Windows
-
reg_key
Windows
-
splitter
|-F-|
Targets
-
-
Target
283f984e7a793e1a0ad00c17b284ada9.exe
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-