General
Target: 0x000a000000012024-56.dat
Size: 23KB
Sample: 230719-x125baag28
MD5: ffb457dd29073b78721c24ab9195459f
SHA1: b836c1589c65653d28c44b709ecac7ef2376a9d1
SHA256: f7dfdaa0af2137fc3f8694273f8de442edc37926edfd7cecd296c5a98657a939
SHA512: 3dd96249f668dead9970e8c2d484596217c1de085d9695238bcc5e2ee2e651206032e5ef1edcafd5d75e3c4b6be268046e21bf95e6fecd2c50fd9e7fefec5457
SSDEEP: 384:HQ+SAN7uprgvM5OSUswZXg69gbm4hfpFmRvR6JZlbw8hqIusZzZoj:4OaxVULRpcnu1
Behavioral task
behavioral1
Sample: 0x000a000000012024-56.exe
Resource: win7-20230712-en
Malware Config
Extracted
njrat
0.7d
Lammer
0.tcp.sa.ngrok.io:17720
fbb489ebddedd970b62a6974bcec1446
reg_key: fbb489ebddedd970b62a6974bcec1446
splitter: |'|'|
Targets
Modifies Windows Firewall
-
Legitimate hosting services abused for malware hosting/C2
-