General
Target: 7B1809B4AA561D6A694744164831856A.exe
Size: 23KB
Sample: 240128-tf782sdae4
MD5: 7b1809b4aa561d6a694744164831856a
SHA1: efa9b84a0e9f0c8ae1dd1fb0c7b28366ca3c04bf
SHA256: f44f9ca899f0ac7efc49d491703f249b86f4863914baddd8cedeb3646d0086ae
SHA512: ad3dbf695d19b9224f23af11793a2520a7717b8b545b4561046bd033161e13a11286374b0f17234aacf9247864c106db5323e2327f10b885a98ec62b44f55afe
SSDEEP: 384:HY324bcgPiJLQrfARGSRUJsbY6ZgvSMBD3tVmRvR6JZlbw8hqIusZzZaA:QL2s+tRdRpcnuk
Behavioral task: behavioral1
Sample: 7B1809B4AA561D6A694744164831856A.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 7B1809B4AA561D6A694744164831856A.exe
Resource: win10v2004-20231222-en
Malware Config
Extracted
njrat
0.7d
Lammer
165.227.31.192:22509
3378fb27680d4a9a06e6f191501123e0
reg_key: 3378fb27680d4a9a06e6f191501123e0
splitter: |'|'|
Targets
Target: 7B1809B4AA561D6A694744164831856A.exe
Score: 10/10
Modifies Windows Firewall
Adds Run key to start application
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1