General
-
Target
Servexxxr.exe
-
Size
93KB
-
Sample
230629-azt1zscd5x
-
MD5
bac3e3a27867ed4fec83edffd7cdf851
-
SHA1
ee1339a375d50b0aa1459543f2aacaab5c810c9c
-
SHA256
a2c863ccc540a385073d3b08ab8fb1ec6c1d23b599b57a13a604002cba27f2a4
-
SHA512
09ca8b12914d0da03797f8b34c7cd5f6ea42e94919d0c40270b88a110ee285372ad910b506311662a77620426a03dbf8cc8daccb6e9c4ddf6ece060f428b4721
-
SSDEEP
1536:1U33wHyNxrBhh5YLg1jEwzGi1dDbDEgS:1UKyNxrBhLggCi1dj9
Behavioral task
behavioral1
Sample
Servexxxr.exe
Resource
win7-20230621-en
Behavioral task
behavioral2
Sample
Servexxxr.exe
Resource
win10v2004-20230621-en
Malware Config
Extracted
njrat
0.7d
HACKER
hakim32.ddns.net:2000
5683812xs-43939.portmap.host:43939
034f8e9797562c715673bfe3dab67ef8
-
reg_key
034f8e9797562c715673bfe3dab67ef8
-
splitter
|'|'|
Targets
-
-
Target
Servexxxr.exe
-
Size
93KB
-
MD5
bac3e3a27867ed4fec83edffd7cdf851
-
SHA1
ee1339a375d50b0aa1459543f2aacaab5c810c9c
-
SHA256
a2c863ccc540a385073d3b08ab8fb1ec6c1d23b599b57a13a604002cba27f2a4
-
SHA512
09ca8b12914d0da03797f8b34c7cd5f6ea42e94919d0c40270b88a110ee285372ad910b506311662a77620426a03dbf8cc8daccb6e9c4ddf6ece060f428b4721
-
SSDEEP
1536:1U33wHyNxrBhh5YLg1jEwzGi1dDbDEgS:1UKyNxrBhLggCi1dj9
Score8/10-
Modifies Windows Firewall
-
Deletes itself
-
Drops file in System32 directory
-