General
-
Target
e04e9973416af74dd6b72139b2a8d1a7
-
Size
214KB
-
Sample
240327-ahr53aae31
-
MD5
e04e9973416af74dd6b72139b2a8d1a7
-
SHA1
70c8c90c0ddaca4d664fa953bc967c9937d2bf70
-
SHA256
68cc8e4ec9e846618c0e2fb02fcd9673fc8aa3643de94e6894a17c2e7ea903d6
-
SHA512
3a6116d5e20662a52686cffa046d48e5b57385537e584ec881cab2c164b6520330b17f563a9ac37534b254f24feb1821f6aa5abeddeadf19b2e0bb6286b81526
-
SSDEEP
1536:Tw8PflA1YbXmIjlTQGIE5Dw8PflA1YbXmIjlTQGIE5e:e
Behavioral task
behavioral1
Sample
e04e9973416af74dd6b72139b2a8d1a7.ps1
Resource
win7-20240221-en
Malware Config
Extracted
njrat
v2.0
123456
new.libya2020.com.ly:1515
Windows
-
reg_key
Windows
-
splitter
|-F-|
Targets
-
-
Target
e04e9973416af74dd6b72139b2a8d1a7
-
Drops startup file
-
Suspicious use of SetThreadContext
-