General
Target: 664c0effa7bb5dc6c5c20c90b9b9ab1553bd57d7f2a4b6dce2fed74728312305
Size: 425KB
Sample: 240429-2dkc7sdc5s
MD5: 72ece7b155cc961b845e3c4b9bdbc25b
SHA1: 12f8afc17eba584ae52935cb39ced0b47280c37f
SHA256: 664c0effa7bb5dc6c5c20c90b9b9ab1553bd57d7f2a4b6dce2fed74728312305
SHA512: cfc4c857a0deaea8537f87a5e4c4a1c880ef0af32200038f01f53ca72814f3b908d419d1a0ffba3618c53d6a2417acdac0fdeb433c87ca4ff7676fd4960b2585
SSDEEP: 12288:WquErHF6xC9D6DmR1J98w4oknqO/CyQftQYqYbLmKo:brl6kD68JmlokQfttqY2Ko
Behavioral task
behavioral1
Sample: 664c0effa7bb5dc6c5c20c90b9b9ab1553bd57d7f2a4b6dce2fed74728312305.exe
Resource: win7-20240221-en
Behavioral task
behavioral2
Sample: 664c0effa7bb5dc6c5c20c90b9b9ab1553bd57d7f2a4b6dce2fed74728312305.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
njrat
0.7d
14 mai generateur xbox
89.94.35.57:1604
ef05e501c2e286164abf5fcaa961559f
reg_key: ef05e501c2e286164abf5fcaa961559f
splitter: |'|'|
Targets
Target: 664c0effa7bb5dc6c5c20c90b9b9ab1553bd57d7f2a4b6dce2fed74728312305
Score: 10/10
UPX dump on OEP (original entry point)
Modifies Windows Firewall
AutoIT Executable: AutoIT scripts compiled to PE executables.
Suspicious use of SetThreadContext