General
Target: bMJj.exe
Size: 78KB
Sample: 230519-vnjq4aeh45
MD5: d6b907a131586513531e26f54e424ef1
SHA1: dbd94a49ebcf17acf7aa27b0e7e37db8161d3fae
SHA256: 1edd9675ca9e84553106201aae3a98bdb2fd2ff8e6039af4478fe5af4fbfd995
SHA512: 0af91f99df2b9453a19051f988d1683d3eff52aa471dc206766e55139f06ae894a2df9b418977808a5a62196da423efea07add75bcba9ba6fe8a5c83eca704ff
SSDEEP: 1536:h5B+r0dODplS5wpOk3JCK6pFoO/d6fOpd/9nEh9TG6JgR:YQwpOk5CK6gO/9ES6Jg
Behavioral task: behavioral1
Sample: bMJj.exe
Resource: win7-20230220-en
Malware Config
Extracted
njrat
0.7.3
Lime
ax4.duckdns.org:9966
Client.exe
reg_key: Client.exe
splitter: 16426337
Targets
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL