General
Target: a88675b6bd37faff8ac76d0b3dd15cca
Size: 27KB
Sample: 240227-htwxdsbe5t
MD5: a88675b6bd37faff8ac76d0b3dd15cca
SHA1: acca891f9da218eaee8cc79ad22909efba3575a6
SHA256: d628e7a54d5069605f2e2b3226818d2f3343973b87e1e4a15943c9792e7f1d97
SHA512: c671cadd2e649a4ee46f4020134b7129818582c1baf8253b70a29214e85da03710d59761a641339697152adad0e23aea5e5cdd42f59c91fe7f94c153783c2dd9
SSDEEP: 384:TLMi5SRvT/nmgEiKB5jHw/SORsP5emgMlAQk93vmhm7UMKmIEecKdbXTzm9bVhcf:3MOdt5oYlA/vMHTi9bD
Behavioral task: behavioral1
Sample: a88675b6bd37faff8ac76d0b3dd15cca.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: a88675b6bd37faff8ac76d0b3dd15cca.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
njrat
v2.0
HacKed
sific227asmm.ddns.net:1194
Windows
reg_key: Windows
splitter: |-F-|
Targets
Target: a88675b6bd37faff8ac76d0b3dd15cca
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Drops startup file
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application