General
-
Target
dllhost.exe
-
Size
37KB
-
Sample
241012-drvt4azera
-
MD5
0a64b72aff3b45b06dfee336414cf9ed
-
SHA1
5bc91466f6a8952dee430c976c206e5bf73890b7
-
SHA256
0b9081f030f73e047a09db602103c671753716f992163a47d6028f5aafc6e9c6
-
SHA512
d8a3435665ff21993332cf1f736abbc260539451e3e66e2b7c3b225431e99d1a774468f4b80e4a220ca19378ddc67a2913d45dddf5eba6f8027e9d6419fc51d7
-
SSDEEP
768:CXrtsKADtOHiR4akrYBQWllykrM+rMRa8NuW4t:CXr8tVSkBQWlEH+gRJNJ
Behavioral task
behavioral1
Sample
dllhost.exe
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
dllhost.exe
Resource
win11-20241007-en
Malware Config
Extracted
njrat
im523
HacKed
away-displays.gl.at.ply.gg:26916
88fa44db6102d86fb65123033d323f7e
-
reg_key
88fa44db6102d86fb65123033d323f7e
-
splitter
|'|'|
Targets
-
-
Target
dllhost.exe
-
Modifies Windows Firewall
-
Executes dropped EXE
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1