General
-
Target
Server.exe
-
Size
93KB
-
Sample
240625-w22z9syakk
-
MD5
3a380b504980c0d497260d511c9012cd
-
SHA1
741e1192a937d53f6768b6479cdbcd26ddac98d2
-
SHA256
774b1450a7cd45088e15567aa7156cc63647f9cec7ecb62679d80bc3c883d2e2
-
SHA512
cc9c9f2d95d9f05e537a3e794e7ea919e99cf86d6dac033702e8afc12de76a9b2b04e7cfcbb3f6286246bc3b7aab53d65965f825540e925e57f5667075a3df64
-
SSDEEP
1536:QC7QHRsXQQEtQnHRegjEwzGi1dDtDOgS:QCrXQQEtQnxexi1dJz
Behavioral task
behavioral1
Sample
Server.exe
Resource
win7-20240611-en
Malware Config
Extracted
njrat
0.7d
victim 1
hakim32.ddns.net:2000
127.0.0.1:5552
1149345809ad9a0f71b63f9b8b345798
-
reg_key
1149345809ad9a0f71b63f9b8b345798
-
splitter
|'|'|
Targets
-
Target
Server.exe
-
Score
8/10
-
Modifies Windows Firewall
-
Drops startup file
-
Drops file in System32 directory
-