Overview
overview
10Static
static
3NjRat 0.7D.exe
windows11-21h2-x64
10Plugin/cam.dll
windows11-21h2-x64
10Plugin/ch.dll
windows11-21h2-x64
1Plugin/mic.dll
windows11-21h2-x64
1Plugin/plg.dll
windows11-21h2-x64
1Plugin/pw.dll
windows11-21h2-x64
1Plugin/sc2.dll
windows11-21h2-x64
1WinMM.Net.dll
windows11-21h2-x64
1Analysis
-
max time kernel
453s -
max time network
455s -
platform
windows11-21h2_x64 -
resource
win11-20240221-en -
resource tags
arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system -
submitted
01-04-2024 09:35
Static task
static1
Behavioral task
behavioral1
Sample
NjRat 0.7D.exe
Resource
win11-20240221-en
Behavioral task
behavioral2
Sample
Plugin/cam.dll
Resource
win11-20240221-en
Behavioral task
behavioral3
Sample
Plugin/ch.dll
Resource
win11-20240221-en
Behavioral task
behavioral4
Sample
Plugin/mic.dll
Resource
win11-20240319-en
Behavioral task
behavioral5
Sample
Plugin/plg.dll
Resource
win11-20240221-en
Behavioral task
behavioral6
Sample
Plugin/pw.dll
Resource
win11-20240221-en
Behavioral task
behavioral7
Sample
Plugin/sc2.dll
Resource
win11-20240221-en
Behavioral task
behavioral8
Sample
WinMM.Net.dll
Resource
win11-20240214-en
General
-
Target
Plugin/plg.dll
-
Size
65KB
-
MD5
c179e212316f26ce9325a8d80d936666
-
SHA1
14d08b3cda60341d1e9187fc14bd64ebefe4a5b6
-
SHA256
13043521ed6876edf2736fc46a7c49e6b639cfa7a866ca11de26f119796cd521
-
SHA512
1b5eb687a9932c82ab2e655dbc5df8ba667a023e7568dbbd13c503a54661763193bde11937f87e2e09b88d770c8357eda07589d526e6103db058038e3ce3b750
-
SSDEEP
768:rVRKgRFKn3N5U2jNGUyXWI9Yi1s0sbtAEsz8CjBMiPs2T:pR3R895Npyhn1sBbtPsz8C9P
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exedescription pid process target process PID 464 wrote to memory of 1448 464 rundll32.exe rundll32.exe PID 464 wrote to memory of 1448 464 rundll32.exe rundll32.exe PID 464 wrote to memory of 1448 464 rundll32.exe rundll32.exe