General
-
Target
25b32a1fec9f1427b5085dcb052de990021b5d2ee82cc4ae6908f606b4fbae3b
-
Size
878KB
-
Sample
240229-lwxs9adb9v
-
MD5
7a8d5ce9ed21d3a3e84182c51a8b2722
-
SHA1
1efcdb60208c2ed9f5964ca7384ef766fecd300e
-
SHA256
25b32a1fec9f1427b5085dcb052de990021b5d2ee82cc4ae6908f606b4fbae3b
-
SHA512
a766d20f6707793f83c62862723257f1a61ef947a3740bb80bafad70f5ca13477b5ac99f76cc0c68fdf8e65ded179ce064508439c43336e767b5db1b948714c4
-
SSDEEP
12288:ftb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNDPPpHrYZBtZIj16A:ftb20pkaCqT5TBWgNjVYZBUj16A
Static task
static1
Behavioral task
behavioral1
Sample
25b32a1fec9f1427b5085dcb052de990021b5d2ee82cc4ae6908f606b4fbae3b.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
25b32a1fec9f1427b5085dcb052de990021b5d2ee82cc4ae6908f606b4fbae3b.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
njrat
Njrat 0.7 Golden By Hassan Amiri
HacKed
127.0.0.1:4444
Windows Update
-
reg_key
Windows Update
-
splitter
|Hassan|
Targets
-
-
Target
25b32a1fec9f1427b5085dcb052de990021b5d2ee82cc4ae6908f606b4fbae3b
-
Size
878KB
-
MD5
7a8d5ce9ed21d3a3e84182c51a8b2722
-
SHA1
1efcdb60208c2ed9f5964ca7384ef766fecd300e
-
SHA256
25b32a1fec9f1427b5085dcb052de990021b5d2ee82cc4ae6908f606b4fbae3b
-
SHA512
a766d20f6707793f83c62862723257f1a61ef947a3740bb80bafad70f5ca13477b5ac99f76cc0c68fdf8e65ded179ce064508439c43336e767b5db1b948714c4
-
SSDEEP
12288:ftb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNDPPpHrYZBtZIj16A:ftb20pkaCqT5TBWgNjVYZBUj16A
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-