General
-
Target
Server.exe
-
Size
36KB
-
Sample
240204-pnkeqsbecm
-
MD5
e71bb9e2740fe2974e501030fa801058
-
SHA1
7b330fc30a007629b55d6d62fd9bb295c7b6798c
-
SHA256
9199f72aaec727a8baad07d3604c0a9f13d92710c2493038209c7bd0a2cd07b9
-
SHA512
bf5a29b526cdbf8a7fd7601b8ea8cc075b0dc2c17df6c7f19570c4afa77dfc2caf12795d2008b4b96bbbee67447745139cc5ee5b1dc5ada85b922362b4e829b7
-
SSDEEP
768:cFUDMmUbCGLKbPXmp8SarM+rMRa8NummVt:caDcbrujmp5F+gRJNw
Behavioral task
behavioral1
Sample
Server.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
Server.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
njrat
im523
TEST
5.tcp.eu.ndrok.io:16601
1942a606af5bb1fe778c79c082bee642
-
reg_key
1942a606af5bb1fe778c79c082bee642
-
splitter
|'|'|
Targets
-
-
Target
Server.exe
-
Size
36KB
-
MD5
e71bb9e2740fe2974e501030fa801058
-
SHA1
7b330fc30a007629b55d6d62fd9bb295c7b6798c
-
SHA256
9199f72aaec727a8baad07d3604c0a9f13d92710c2493038209c7bd0a2cd07b9
-
SHA512
bf5a29b526cdbf8a7fd7601b8ea8cc075b0dc2c17df6c7f19570c4afa77dfc2caf12795d2008b4b96bbbee67447745139cc5ee5b1dc5ada85b922362b4e829b7
-
SSDEEP
768:cFUDMmUbCGLKbPXmp8SarM+rMRa8NummVt:caDcbrujmp5F+gRJNw
Score8/10-
Modifies Windows Firewall
-