General
-
Target
8f3920e55d779299907047e8fff6d4ca
-
Size
241KB
-
Sample
240204-qct1gaceam
-
MD5
8f3920e55d779299907047e8fff6d4ca
-
SHA1
bba818df5e5d6266627bdb0345043a87c573bf21
-
SHA256
3b6c52376c301e9aa6070f5da190c0ec6cdaa342fc8289572520ad35b2506b91
-
SHA512
fd8aadb136b6c62ed18d5d2d2f1fe8f3335b96fe98b6dddec0ea064ebe6227271286ed50abce2d82073ba785bd5707397daef5a1c4ba29129642a28d53331404
-
SSDEEP
6144:YN8HD+nC7D7RA0NNAZSNq7NhhHBn2MysvcuHErqAZ2sXfgm7WD:W8SCLJNNvGDBn2MysvcprjZzXom7W
Static task
static1
Behavioral task
behavioral1
Sample
8f3920e55d779299907047e8fff6d4ca.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
8f3920e55d779299907047e8fff6d4ca.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
njrat
im523
순좀 퓨이
yonok4100.kro.kr:3000
487246bb2abf00d5c4c35d1bc81e2d15
-
reg_key
487246bb2abf00d5c4c35d1bc81e2d15
-
splitter
|'|'|
Targets
Target
8f3920e55d779299907047e8fff6d4ca
-
Score
10/10
-
Modifies Windows Firewall
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1