General
-
Target
5841a8a95e05d58a.exe
-
Size
93KB
-
Sample
240420-rkm3kaad49
-
MD5
c28c57588077a93983f6d4cbaa30a130
-
SHA1
61013fe2450fee9b928e016590bb92bef17359ca
-
SHA256
dbba3358f6bf08f6f40711574c76905b471a1a08259396f6b80ee63d06fc8951
-
SHA512
30fe3adb906ac5f08073162a92f0985b946cdb71bdfcdb28f50cdebdf37a702bff42c2af928afc148801301350b68a8bd3afe85208f89f3f10ae262aa12df474
-
SSDEEP
768:9Y3oZU3nWXxyFcxovUKUJuROprXtWNEpeYhYbmXxrjEtCdnl2pi1Rz4Rk3OsGdpx:3UXWhIUKcuOJRpPhBjEwzGi1dDqDhgS
Behavioral task
behavioral1
Sample
5841a8a95e05d58a.exe
Resource
win10-20240404-en
Malware Config
Extracted
njrat
0.7d
HacKed
hakim32.ddns.net:2000
pro123.ddns.net:161
0bd34f575986b2731a655919cd7081f4
-
reg_key
0bd34f575986b2731a655919cd7081f4
-
splitter
|'|'|
Targets
-
-
Target
5841a8a95e05d58a.exe
-
Size
93KB
-
MD5
c28c57588077a93983f6d4cbaa30a130
-
SHA1
61013fe2450fee9b928e016590bb92bef17359ca
-
SHA256
dbba3358f6bf08f6f40711574c76905b471a1a08259396f6b80ee63d06fc8951
-
SHA512
30fe3adb906ac5f08073162a92f0985b946cdb71bdfcdb28f50cdebdf37a702bff42c2af928afc148801301350b68a8bd3afe85208f89f3f10ae262aa12df474
-
SSDEEP
768:9Y3oZU3nWXxyFcxovUKUJuROprXtWNEpeYhYbmXxrjEtCdnl2pi1Rz4Rk3OsGdpx:3UXWhIUKcuOJRpPhBjEwzGi1dDqDhgS
Score8/10-
Modifies Windows Firewall
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-