General
-
Target
Client.exe
-
Size
31KB
-
Sample
240212-p5fswadg91
-
MD5
4f774abb085d4f708e5fdc712972b683
-
SHA1
02ff90c60951a8d518a14f1296ef8edb9130a7d9
-
SHA256
734dce9451929913ad71dad9efda5a93117f82c015f15a8c3659f987e5af24a2
-
SHA512
85b3cb2f74561e08ccc6abf08c6a7e5330a9449f419af126136ec5f83f3688762fbbba7640e99687a70b155f118bacb6a7b53b8c00f731a7b853c6004bb57595
-
SSDEEP
768:jhaZirnp7VJMzxn6zYJSRm3VPlvqQQmIDUu0tiHFj:c0pKS8JHQVkoj
Behavioral task
behavioral1
Sample
Client.exe
Resource
win7-20231215-en
Malware Config
Extracted
njrat
0.7d
mediaget
5.39.43.50:1609
db294556feafb205ed6cd0f561df2f99
-
reg_key
db294556feafb205ed6cd0f561df2f99
-
splitter
Y262SUCZ4UJJ
Targets
-
-
Target
Client.exe
Score
10/10
-
Modifies Windows Firewall
-
Deletes itself
-
Drops startup file
-
Adds Run key to start application
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)