General
-
Target
7efa05b8e05246e7ada931c405e7c3c7.exe
-
Size
345KB
-
Sample
231209-jnjkjsghe2
-
MD5
7efa05b8e05246e7ada931c405e7c3c7
-
SHA1
d0890b4c04f06bae4324a41df906dc5952e02d74
-
SHA256
ad95184709a116bede1f005bd1741209034f5ba47c5e0401347cd680ce8eff8a
-
SHA512
393fd604751a4ece38747c9bf547940e38800fa1954127674a483ebedcb4313fff17aa64c8fe3a2d3c388d61ed3f7de574b8180117d54de29b862aaec768fde7
-
SSDEEP
6144:bSTz3MaMNhXbyuWt2EHOO+7qeA5fphPFrKz1K5aPMBsN9Ci7xTjnTkSp:eTy7A6IzibR
Static task
static1
Behavioral task
behavioral1
Sample
7efa05b8e05246e7ada931c405e7c3c7.exe
Resource
win7-20231020-en
Malware Config
Extracted
njrat
im523
HacKed
wfe.ddns.net:9988
7b3c4306674567a731eb163e6c0b9141
-
reg_key
7b3c4306674567a731eb163e6c0b9141
-
splitter
|'|'|
Targets
-
-
Target
7efa05b8e05246e7ada931c405e7c3c7.exe
-
Size
345KB
-
MD5
7efa05b8e05246e7ada931c405e7c3c7
-
SHA1
d0890b4c04f06bae4324a41df906dc5952e02d74
-
SHA256
ad95184709a116bede1f005bd1741209034f5ba47c5e0401347cd680ce8eff8a
-
SHA512
393fd604751a4ece38747c9bf547940e38800fa1954127674a483ebedcb4313fff17aa64c8fe3a2d3c388d61ed3f7de574b8180117d54de29b862aaec768fde7
-
SSDEEP
6144:bSTz3MaMNhXbyuWt2EHOO+7qeA5fphPFrKz1K5aPMBsN9Ci7xTjnTkSp:eTy7A6IzibR
-
Modifies Windows Firewall
-
Drops startup file
-
Suspicious use of SetThreadContext
-