General
-
Target
af8fd5644cdd7ebbc3ed179352923760e6950c633a6a322d628191ab2e9a64aa
-
Size
425KB
-
Sample
240420-byxadsch97
-
MD5
806051b6314f9755dec606f8d6955eb4
-
SHA1
7e2dbf2455bcca31dfe5193f01d7fee823455ab9
-
SHA256
af8fd5644cdd7ebbc3ed179352923760e6950c633a6a322d628191ab2e9a64aa
-
SHA512
565ccfebf333ff6fe6dfbf0fdc086f91cab95d62242a1b9927d8ca131bba36132839094c1694be5814edceda37be2afc6c4da9b2291c37ef36d0df5e05dcca45
-
SSDEEP
12288:WquErHF6xC9D6DmR1J98w4oknqO/CyQftQYqYbLmKj:brl6kD68JmlokQfttqY2Kj
Behavioral task
behavioral1
Sample
af8fd5644cdd7ebbc3ed179352923760e6950c633a6a322d628191ab2e9a64aa.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
af8fd5644cdd7ebbc3ed179352923760e6950c633a6a322d628191ab2e9a64aa.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
njrat
0.7d
14 mai generateur xbox
89.94.35.57:1604
ef05e501c2e286164abf5fcaa961559f
-
reg_key
ef05e501c2e286164abf5fcaa961559f
-
splitter
|'|'|
Targets
Score
10/10
-
UPX dump on OEP (original entry point)
-
Modifies Windows Firewall
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-