Item              Type/platform        Score
Overview          overview             10
Static            static               3
NjRat 0.7D.exe    windows11-21h2-x64   10
Plugin/cam.dll    windows11-21h2-x64   10
Plugin/ch.dll     windows11-21h2-x64   1
Plugin/mic.dll    windows11-21h2-x64   1
Plugin/plg.dll    windows11-21h2-x64   1
Plugin/pw.dll     windows11-21h2-x64   1
Plugin/sc2.dll    windows11-21h2-x64   1
WinMM.Net.dll     windows11-21h2-x64   1

Analysis
max time kernel: 447s
max time network: 454s
platform: windows11-21h2_x64
resource: win11-20240221-en
resource tags: arch:x64 arch:x86 image:win11-20240221-en locale:en-us os:windows11-21h2-x64 system
submitted: 01-04-2024 09:35

Task          Type             Sample            Resource
static1       Static task
behavioral1   Behavioral task  NjRat 0.7D.exe    win11-20240221-en
behavioral2   Behavioral task  Plugin/cam.dll    win11-20240221-en
behavioral3   Behavioral task  Plugin/ch.dll     win11-20240221-en
behavioral4   Behavioral task  Plugin/mic.dll    win11-20240319-en
behavioral5   Behavioral task  Plugin/plg.dll    win11-20240221-en
behavioral6   Behavioral task  Plugin/pw.dll     win11-20240221-en
behavioral7   Behavioral task  Plugin/sc2.dll    win11-20240221-en
behavioral8   Behavioral task  WinMM.Net.dll     win11-20240214-en

General
Target: Plugin/sc2.dll
Size: 46KB
MD5: 2d65bc3bff4a5d31b59f5bdf6e6311d7
SHA1: 43962fbeb93fc267fb1c7036a12b8c5d6f40c28a
SHA256: 010b1ec566be774a2d12146f9826aa31fd7eb6ffe7b45ce5e572b2d8c7f815c3
SHA512: b210d447cc9b4b89402a2a1d3d5e9cfe13ae897c47094be4110ed3aac109152c8a45ec138f73b703e7d3799934234cba4ca3f2439b3dd193a4cec671b9edaa6a
SSDEEP: 768:mtAX1G0UYRxIDbYDGN5/eoK79QlRfe2AfgFTMBku2T:mtAFZUYA/uW2x9CJe2BFQB

Malware Config
Signatures

Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe

description                        pid    process        target process
PID 3952 wrote to memory of 3160   3952   rundll32.exe   rundll32.exe
PID 3952 wrote to memory of 3160   3952   rundll32.exe   rundll32.exe
PID 3952 wrote to memory of 3160   3952   rundll32.exe   rundll32.exe