General
-
Target
gamesense.exe
-
Size
93KB
-
Sample
240418-vd492sba8s
-
MD5
63901be7c78d601cf4683b0bf7076674
-
SHA1
a1e8a41ad2d1a3103bb74e59152b5b4cac4a745c
-
SHA256
90f099c2038ea56847b5b41f68cd96c43463af2976106fe094c4befd62a644ab
-
SHA512
eefa4a121d67fae8d62ef147c5f05b979fd84f0d248ea8a521a9a6fbabdd18654f62406cc5cd39ae45f94ec5ef7cc98fdfaa405c955a98357c457cfebfa8f200
-
SSDEEP
1536:9IQO3oH4zrEDR6P4z4jEwzGi1dDHDrgS:9IeH4vEDMAzJi1dnk
Behavioral task
behavioral1
Sample
gamesense.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
gamesense.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral3
Sample
gamesense.exe
Resource
win11-20240412-en
Malware Config
Extracted
njrat
0.7d
HacKed
hakim32.ddns.net:2000
127.0.0.1:1488
1f198e2e527a1b5c423cf558af5689df
-
reg_key
1f198e2e527a1b5c423cf558af5689df
-
splitter
|'|'|
Targets
-
-
Target
gamesense.exe
-
Size
93KB
-
MD5
63901be7c78d601cf4683b0bf7076674
-
SHA1
a1e8a41ad2d1a3103bb74e59152b5b4cac4a745c
-
SHA256
90f099c2038ea56847b5b41f68cd96c43463af2976106fe094c4befd62a644ab
-
SHA512
eefa4a121d67fae8d62ef147c5f05b979fd84f0d248ea8a521a9a6fbabdd18654f62406cc5cd39ae45f94ec5ef7cc98fdfaa405c955a98357c457cfebfa8f200
-
SSDEEP
1536:9IQO3oH4zrEDR6P4z4jEwzGi1dDHDrgS:9IeH4vEDMAzJi1dnk
Score8/10-
Modifies Windows Firewall
-
Drops startup file
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-