General
-
Target
87a340c6dc9b2e994fddc7edb764ab197ce3eb576c4456a89b9faddd5f28b0b4.exe
-
Size
49KB
-
Sample
230908-1a43rsfe7s
-
MD5
c3ec94cb1c15fbfd213aa5d5854b8e3f
-
SHA1
65726604b29227377aadef41da87a7306c852f0c
-
SHA256
87a340c6dc9b2e994fddc7edb764ab197ce3eb576c4456a89b9faddd5f28b0b4
-
SHA512
e9cc11eb5e5e7426f9b8109e73194fccf989bfba3c04b73b78094946e79c5c31f3bb85d75193bc370b192836932a6bd8fdda1f3b5ff7b027a911b9bd7612aebf
-
SSDEEP
1536:a7dS1EAd8II28ca2zhmamGJCKDRMcyEQXGNEPRbw1Rl:igEA6II2Da2zPf/XyEQSiRby
Static task
static1
Behavioral task
behavioral1
Sample
87a340c6dc9b2e994fddc7edb764ab197ce3eb576c4456a89b9faddd5f28b0b4.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
87a340c6dc9b2e994fddc7edb764ab197ce3eb576c4456a89b9faddd5f28b0b4.exe
Resource
win10v2004-20230831-en
Malware Config
Extracted
njrat
Platinum
Cheats
127.0.0.1:1
smss.exe
-
reg_key
smss.exe
-
splitter
|Ghost|
Targets
-
-
Target
87a340c6dc9b2e994fddc7edb764ab197ce3eb576c4456a89b9faddd5f28b0b4.exe
-
Size
49KB
-
MD5
c3ec94cb1c15fbfd213aa5d5854b8e3f
-
SHA1
65726604b29227377aadef41da87a7306c852f0c
-
SHA256
87a340c6dc9b2e994fddc7edb764ab197ce3eb576c4456a89b9faddd5f28b0b4
-
SHA512
e9cc11eb5e5e7426f9b8109e73194fccf989bfba3c04b73b78094946e79c5c31f3bb85d75193bc370b192836932a6bd8fdda1f3b5ff7b027a911b9bd7612aebf
-
SSDEEP
1536:a7dS1EAd8II28ca2zhmamGJCKDRMcyEQXGNEPRbw1Rl:igEA6II2Da2zPf/XyEQSiRby
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Adds Run key to start application
-