General
-
Target
NEAS.096d974a744eff570c7e45a9da310768215f218295f18030de2a3459b55feb90exe_JC.exe
-
Size
78KB
-
Sample
231025-rg54zahf44
-
MD5
ac63955ca4261eab11b0b3142360d160
-
SHA1
c768045e60083ecf3424d2fb1e4d9b039645140e
-
SHA256
096d974a744eff570c7e45a9da310768215f218295f18030de2a3459b55feb90
-
SHA512
4e2f08ceae6c619d9ad6effbf2806b594d2c50e139dde2bbbc155f2aa1ef83f2decdf6b9ddba04779494169e551148707d6ac452b0ea008fdfa4f80a1f085f10
-
SSDEEP
1536:/FU+P9NDXDpRS5wpOk3JCK6pFouX96fOpd/9nEh9TG5JdR:lHQwpOk5CK6gO/9ES5Jd
Behavioral task
behavioral1
Sample
NEAS.096d974a744eff570c7e45a9da310768215f218295f18030de2a3459b55feb90exe_JC.exe
Resource
win7-20231023-en
Malware Config
Extracted
njrat
0.7.3
Lime
dominicananjv.duckdns.org:8520
Client.exe
-
reg_key
Client.exe
-
splitter
8520
Targets
-
-
Target
NEAS.096d974a744eff570c7e45a9da310768215f218295f18030de2a3459b55feb90exe_JC.exe
-
Size
78KB
-
MD5
ac63955ca4261eab11b0b3142360d160
-
SHA1
c768045e60083ecf3424d2fb1e4d9b039645140e
-
SHA256
096d974a744eff570c7e45a9da310768215f218295f18030de2a3459b55feb90
-
SHA512
4e2f08ceae6c619d9ad6effbf2806b594d2c50e139dde2bbbc155f2aa1ef83f2decdf6b9ddba04779494169e551148707d6ac452b0ea008fdfa4f80a1f085f10
-
SSDEEP
1536:/FU+P9NDXDpRS5wpOk3JCK6pFouX96fOpd/9nEh9TG5JdR:lHQwpOk5CK6gO/9ES5Jd
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-