General
Target: ac63955ca4261eab11b0b3142360d160.bin
Size: 35KB
Sample: 231026-cj55esbb52
MD5: 297ccfb3450f90d3bfff1ea19f56b4b8
SHA1: f79b8723ed3f33c8fe73247446f9a0ed00856ab8
SHA256: 0e4cd222f12628abfc6f72cbb424a88bdf08c744fb8c61f26426f5f7268314df
SHA512: 19bb0004966c13c0da3990f0094e46f110d111e503eeee49dc4801ae854cdbd9f87e776dd69e40d0f841735abaa18f53b8b45a79259affd52e65d4231d75453b
SSDEEP: 768:xBw96rQtnJ5pfbnBPURI7MPu/qxKWbznGo1BDymzzcSXf:xC96rmJ5JR0I7MPu/qV1Qmnx
Behavioral task: behavioral1
Sample: 096d974a744eff570c7e45a9da310768215f218295f18030de2a3459b55feb90.exe
Resource: win7-20231020-en
Malware Config
Extracted
njrat
0.7.3
Lime
dominicananjv.duckdns.org:8520
Client.exe
reg_key: Client.exe
splitter: 8520
Targets
Target: 096d974a744eff570c7e45a9da310768215f218295f18030de2a3459b55feb90.exe
Size: 78KB
MD5: ac63955ca4261eab11b0b3142360d160
SHA1: c768045e60083ecf3424d2fb1e4d9b039645140e
SHA256: 096d974a744eff570c7e45a9da310768215f218295f18030de2a3459b55feb90
SHA512: 4e2f08ceae6c619d9ad6effbf2806b594d2c50e139dde2bbbc155f2aa1ef83f2decdf6b9ddba04779494169e551148707d6ac452b0ea008fdfa4f80a1f085f10
SSDEEP: 1536:/FU+P9NDXDpRS5wpOk3JCK6pFouX96fOpd/9nEh9TG5JdR:lHQwpOk5CK6gO/9ES5Jd
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL