General
Target: cd21730a2de2f182773c6b9ef50d34ed9f3d55a94b7e20a987e91843f14a057b
Size: 30KB
Sample: 240407-pjfkzsch96
MD5: 761900700a2dd93bf347e10fa9c14fb7
SHA1: db4904470793b785fd6b06c17312be4111da02e9
SHA256: cd21730a2de2f182773c6b9ef50d34ed9f3d55a94b7e20a987e91843f14a057b
SHA512: ce8a9bcee08e28090b84a860895079a3ef2b686fadc89d8cb859bcd36efc65734a03c7b8392f2a451d14ef14cc559e2d00463fe09a2c3f6ff5d0338996e5b4bb
SSDEEP: 768:sBSB69DdxkzxP6bg0aG3NQNvC7QmIDUu0tiwBj:RqqG7i8QVkNj
Behavioral task: behavioral1
Sample: cd21730a2de2f182773c6b9ef50d34ed9f3d55a94b7e20a987e91843f14a057b.exe
Resource: win10v2004-20231215-en
Behavioral task: behavioral2
Sample: cd21730a2de2f182773c6b9ef50d34ed9f3d55a94b7e20a987e91843f14a057b.exe
Resource: win11-20240221-en
Malware Config
Extracted
njrat
0.7d
MyBot
5.39.43.60:3678
3297cda814fb30a725f976420f48da21
reg_key: 3297cda814fb30a725f976420f48da21
splitter: Y262SUCZ4UJJ
Targets
Target: cd21730a2de2f182773c6b9ef50d34ed9f3d55a94b7e20a987e91843f14a057b
Score: 10/10
Modifies Windows Firewall
Drops startup file
Adds Run key to start application
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1