Behavioral task
behavioral1
Sample
0a349a9b956f99d57b6e1c2119b65c6389930272672457f2b52ed0b91b92ac83.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
0a349a9b956f99d57b6e1c2119b65c6389930272672457f2b52ed0b91b92ac83.exe
Resource
win10v2004-20230221-en
General
-
Target
ffe54c1b19159203974f105c690d691c.bin
-
Size
10KB
-
MD5
4e85cdcfe550eecbac1c5c40b2446460
-
SHA1
e94353d954fbe7a7fa7084975ce05a75de7556cd
-
SHA256
2e6ea54954e2ace11629e6e50058acb2b5fb886a878b5eba550d5b61ab035bbb
-
SHA512
4c843cebf28a6898afa3ac4c5232d7eb37b54c2ffdd249b8d02b0750b09e6ce8def85486bea1e05335f9843e7541b51cffea840291bc76ebc548458e1729c83c
-
SSDEEP
192:8GZkgkJsM5QNca1dZjg5e2GfLieTumjbkhQ82W3u7n8HDgxTDitIUFRpCpRukvHX:8GZkbJsMeNLdZ71Li8d/gqKtHKT6hU1f
Malware Config
Extracted
njrat
0.7NC
NYAN CAT
office365microsoft.duckdns.org:8095
c3b22a97f04044
-
reg_key
c3b22a97f04044
-
splitter
@!#&^%$
Signatures
-
Njrat family
Files
-
ffe54c1b19159203974f105c690d691c.bin.zip
Password: infected
-
0a349a9b956f99d57b6e1c2119b65c6389930272672457f2b52ed0b91b92ac83.exe