General
-
Target
virussign.com_84875b4283fa59685172a0ea7f7e7ac0.vir
-
Size
884KB
-
Sample
240528-ta8bvsca55
-
MD5
84875b4283fa59685172a0ea7f7e7ac0
-
SHA1
1bf08442e7e3284e529d4f30bd8b5559d054e4d7
-
SHA256
b51028907f6b360042638f29505aa13b31e491b95ed02372f6a737a9efdc8e15
-
SHA512
343301e074406841a6082754dc20b13f94059b89bf4a2099ac281787116ff3bbebc58f0d67c84788e19e28f662dd63ebdf70bca8d9164b9e2e450567c5877bcc
-
SSDEEP
24576:8u6J33O0c+JY5UZ+XC0kGsoTacbl6u2idWYd:mu0c++OCvkGsEacJ67bYd
Static task
static1
Behavioral task
behavioral1
Sample
virussign.com_84875b4283fa59685172a0ea7f7e7ac0.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
virussign.com_84875b4283fa59685172a0ea7f7e7ac0.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
njrat
0.7d
14 mai generateur xbox
89.94.35.57:1604
ef05e501c2e286164abf5fcaa961559f
-
reg_key
ef05e501c2e286164abf5fcaa961559f
-
splitter
|'|'|
Targets
-
-
Target
virussign.com_84875b4283fa59685172a0ea7f7e7ac0.vir
-
Score
10/10
-
Modifies Windows Firewall
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-