General
-
Target
d45e6348582bb4a2cc7ec910754a24c2
-
Size
55KB
-
Sample
231228-kwyvwacdhj
-
MD5
d45e6348582bb4a2cc7ec910754a24c2
-
SHA1
793f30cbc554c6c141c6c757fd8ce9e635f05f95
-
SHA256
316bdb2ec522abde2f79a76b1a499881a50236a1cbe421462ff59df3f191c855
-
SHA512
9fd152f7c459195bf7c7f0c2643e92bb6522718b338b260d3bacfab01aaea1d1430065d3cb5a40c482a3d179a3fb8ae731bb5b9c57c6ddba726c181f4d31c057
-
SSDEEP
768:nl1h2E8w2cL/y6EDRdxOFVIuTiTFpa0NFDSH3LG2h7KTvX25Z19etKUik69RSE:HIu2D6EXxSVIF00ULNh7KTvm5ZpkwR
Static task
static1
Behavioral task
behavioral1
Sample
d45e6348582bb4a2cc7ec910754a24c2.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
d45e6348582bb4a2cc7ec910754a24c2.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
njrat
Hacked By HiDDen PerSOn
1063a8e226fe71a42c1590e52576fabe
-
reg_key
1063a8e226fe71a42c1590e52576fabe
Targets
-
Modifies Windows Firewall
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1