General

  • Target

    F0FF2A2046A4FEFCD2D04C92C812FCF2.exe

  • Size

    91KB

  • Sample

    240414-fgtkdshc3t

  • MD5

    f0ff2a2046a4fefcd2d04c92c812fcf2

  • SHA1

    d2004f23d6b5a90888395c1f2d72d288b2dea821

  • SHA256

    06b314e6e7127b58bdafcd05252a28af38233afe2b188584eb4d27ab372c8762

  • SHA512

    6d7767f7228397ba91fb87bb0d320533b1fb8d35a05cccbef58f19f2ad1101a3799bdfb4baacd8e0ccc6899cc2b61685801fe2702b17f3d94652bc323cfcb90c

  • SSDEEP

    768:eGZefAM+0uGAfIi+qXuzMywjZdLJakHX+xWvYR4SYzkYFI3tr3/iTnRVOR1MY4qn:YfAl0pUjBjZdL4kHG5mkYQJVR1/LpNv

Score
10/10

Malware Config

Extracted

Family

njrat

C2

hakim32.ddns.net:2000

Targets

    • Target

      F0FF2A2046A4FEFCD2D04C92C812FCF2.exe

    Score
    8/10
    • Modifies Windows Firewall

    • Legitimate hosting services abused for malware hosting/C2
