General
-
Target
Notpad.exe
-
Size
39KB
-
Sample
240228-2dywlafd86
-
MD5
593f02ad15dbda4a76f7403b53e4c4dc
-
SHA1
aa2d558b7dada115cb927d6c2a62b77f63137c19
-
SHA256
a3e94a6f0006ecc2703d86b4de8528b270c60a9d3a0b6667c89487808d5009d0
-
SHA512
59aa5047919bc4e48e8e479215e3b45e6272c17dff2ed111dfe2eaad07eebb03770dde72077bc9a36be386080fbb69d1733c045834c0527c284156cbad117410
-
SSDEEP
768:VvARF98JTK48OqD7px5yjf8ckU4r5wL4Ei1vY+j0TqnihnabC:iRyKrLpx5UfA5wkEA90TqnsnabC
Static task
static1
Behavioral task
behavioral1
Sample
Notpad.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
njrat
Platinum
HacKed
127.0.0.1:666
notpad.exe
-
reg_key
notpad.exe
-
splitter
|Ghost|
Targets
-
-
Target
Notpad.exe
-
Size
39KB
-
MD5
593f02ad15dbda4a76f7403b53e4c4dc
-
SHA1
aa2d558b7dada115cb927d6c2a62b77f63137c19
-
SHA256
a3e94a6f0006ecc2703d86b4de8528b270c60a9d3a0b6667c89487808d5009d0
-
SHA512
59aa5047919bc4e48e8e479215e3b45e6272c17dff2ed111dfe2eaad07eebb03770dde72077bc9a36be386080fbb69d1733c045834c0527c284156cbad117410
-
SSDEEP
768:VvARF98JTK48OqD7px5yjf8ckU4r5wL4Ei1vY+j0TqnihnabC:iRyKrLpx5UfA5wkEA90TqnsnabC
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Adds Run key to start application
-