Overview
overview, 10
Static
static, 3
NjRat 0.7D.exe, windows11-21h2-x64, 10
Plugin/cam.dll, windows11-21h2-x64, 10
Plugin/ch.dll, windows11-21h2-x64, 1
Plugin/mic.dll, windows11-21h2-x64, 1
Plugin/plg.dll, windows11-21h2-x64, 1
Plugin/pw.dll, windows11-21h2-x64, 1
Plugin/sc2.dll, windows11-21h2-x64, 1
WinMM.Net.dll, windows11-21h2-x64, 1
Analysis
max time kernel: 435s
max time network: 441s
platform: windows11-21h2_x64
resource: win11-20240319-en
resource tags: arch:x64, arch:x86, image:win11-20240319-en, locale:en-us, os:windows11-21h2-x64, system
submitted: 01-04-2024 09:35
Static task: static1
Behavioral task: behavioral1, Sample: NjRat 0.7D.exe, Resource: win11-20240221-en
Behavioral task: behavioral2, Sample: Plugin/cam.dll, Resource: win11-20240221-en
Behavioral task: behavioral3, Sample: Plugin/ch.dll, Resource: win11-20240221-en
Behavioral task: behavioral4, Sample: Plugin/mic.dll, Resource: win11-20240319-en
Behavioral task: behavioral5, Sample: Plugin/plg.dll, Resource: win11-20240221-en
Behavioral task: behavioral6, Sample: Plugin/pw.dll, Resource: win11-20240221-en
Behavioral task: behavioral7, Sample: Plugin/sc2.dll, Resource: win11-20240221-en
Behavioral task: behavioral8, Sample: WinMM.Net.dll, Resource: win11-20240214-en
General
Target: Plugin/mic.dll
Size: 77KB
MD5: 9b376f0d44995ca15d43f7943a602fb2
SHA1: 18a2bb7d13836256bd5f39089203f18d740669d5
SHA256: 27528a77e27d02aadecabfdf658b2da638bb0ca2f2c60bdd9d0fd5338c1fc346
SHA512: 4dfb0c49816e0d0c2f7d0d76081725bd48d3713506ec51ac6c06ae7092908d14e3683d707d6f332505163fb0ade0ee6b50a355cd69c25725e829ebb23a3e93b2
SSDEEP: 1536:ZAwSxproATOoeQHshYNR1zTTxqPbKhOCjXKem:TSxpr/KoemAYxTTxqj
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description: PID 4812 wrote to memory of 4684, pid: 4812, process: rundll32.exe, target process: rundll32.exe
description: PID 4812 wrote to memory of 4684, pid: 4812, process: rundll32.exe, target process: rundll32.exe
description: PID 4812 wrote to memory of 4684, pid: 4812, process: rundll32.exe, target process: rundll32.exe