General
Target: Client.exe
Size: 31KB
Sample: 240315-m7vcyaeg7t
MD5: 25477c5bd797560ba92dffc5845f2f72
SHA1: 3e890bad45c411cdb421f6902e02df7d952c0b9d
SHA256: fee5b7c9ed300c5b0d7ea779b593114a25f0abf890e0f0926c074bc0cdca5269
SHA512: 5e95471021d70c0fd83b77cb1b5ed0be03d68e1c8e519cba011773ca9d0d18cfd3c9ef16fb81752a356ba2831a5c62e7fa0972cf8af0da43c594ae26301df132
SSDEEP: 768:hpaxirnp7VJMzxn6zQJyRm3dPlvyYQmIDUu0tiLXCj:+0pKakJnQVkUyj
Behavioral task: behavioral1
Sample: Client.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
njrat
0.7d
MyBot
90.188.243.168:6522
f5adab388784b07d338dc90d1886bf98
reg_key: f5adab388784b07d338dc90d1886bf98
splitter: Y262SUCZ4UJJ
Targets
Target: Client.exe
Score: 10/10
Modifies Windows Firewall
Drops startup file
Adds Run key to start application
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Impair Defenses: 1
Disable or Modify System Firewall: 1
Modify Registry: 1