General
Target: crypted rat.exe
Size: 110KB
Sample: 240622-l2ejvsxclr
MD5: c5095088e4ce78d1a90224a2c769e196
SHA1: 0dce6ff26e150acd9dd9b9838068011c71b90a3b
SHA256: 286fd81b6bae4e132cbad308423e3b2b064ea4e8b4ea970c5c1fe31a156c5b1e
SHA512: 954cceb8006bcd76f03ec7781898a318b7bbcf447501bfbfd7c5902e1a4945df7edcc1b2c3c7a0d19648b28384e87fc47995dceb481fccf4683c07a66a1411c4
SSDEEP: 3072:abnaOa/AhYN7ofWE9kI93IcakRGEV8IbEWOEx:azssY1ofj9593JRb5xb
Static task
static1
Malware Config
Extracted
njrat
0.7d
Debil
hakim32.ddns.net:2000
lake-french.gl.at.ply.gg:33694
5d215efb685d488d29cc52d66504493b
reg_key: 5d215efb685d488d29cc52d66504493b
splitter: |'|'|
Targets
Target: crypted rat.exe
Executes dropped EXE
Suspicious use of SetThreadContext