General
-
Target
kg8iu932kg.exe
-
Size
43KB
-
Sample
240426-yvzbxabb74
-
MD5
5f2a465afde528dc03afd60bda63d224
-
SHA1
33425917a22faee1163ed2e3c097199bf6dddb3e
-
SHA256
59a251519723a22dd3958559cecc08bc21a521bd691b57710139093c23f76b8c
-
SHA512
e694cc614e26c0da4b714ee7161c6eb38e090f4494b30be30b6a4723a987efc8ffde191251bae51b6f5b2c839633694828b14728c49cb45e2f71dac51aac478b
-
SSDEEP
384:CZy2pO9ct6IyWVhIKI+qEpal/CzYhzbIij+ZsNO3PlpJKkkjh/TzF7pWnhNtSgrq:wB8SwFWfL/nu/CHuXQ/osNtm+L
Behavioral task
behavioral1
Sample
kg8iu932kg.exe
Resource
win7-20231129-en
Malware Config
Extracted
njrat
Njrat 0.7 Golden By Hassan Amiri
HacKed
biba.ddns.net:7357
Windows Update
-
reg_key
Windows Update
-
splitter
|Hassan|
Targets
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-