General
-
Target
c2fa3bf16efa680e4d94331cc3412460N
-
Size
93KB
-
Sample
240827-tyjneazend
-
MD5
c2fa3bf16efa680e4d94331cc3412460
-
SHA1
952e90052fad71f1aecc40d1190792ba949d9418
-
SHA256
bb2e59f7decf5f2655fd2a37a90803195e3ecee363fd8103e0ea556f1f85a6fe
-
SHA512
b3d176370240c2f7a8af545f4d7008486ede93674df737e4747c61f58a62403706b1ab41763ed294a6e9691b5c107e41b3333402912b661141603c5c9eee2a9c
-
SSDEEP
768:ZY3bupD9O/pBcxYsbae6GIXb9pDX2b9zPL0OXLeuXxrjEtCdnl2pi1Rz4Rk3wsGH:8uLOx6baIa9RIj00ljEwzGi1dDoDLgS
Behavioral task
behavioral1
Sample
c2fa3bf16efa680e4d94331cc3412460N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c2fa3bf16efa680e4d94331cc3412460N.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
njrat
0.7d
HacKed
hakim32.ddns.net:2000
127.0.0.1:5552
c25a44db353f01294d560923ec8374cb
-
reg_key
c25a44db353f01294d560923ec8374cb
-
splitter
|'|'|
Targets
Target
c2fa3bf16efa680e4d94331cc3412460N
-
Modifies Windows Firewall
-
Drops startup file
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-