General
-
Target
e02e5802bacccd459b9891b49146b4c24703da9397d49a16ada35c329651252bN.exe
-
Size
9.2MB
-
Sample
241123-p3rgla1nhp
-
MD5
b6abda2d4b24cef28f9c2b62731fcfd0
-
SHA1
fdf3ae0bec83c2ec7d4e2883fc770e553b782a3d
-
SHA256
e02e5802bacccd459b9891b49146b4c24703da9397d49a16ada35c329651252b
-
SHA512
7e0f0835f7ce0d5fddfcd785ece05aff91f87fd6b95fce1b73c3464102af644a8e500338f5f1e75c648ee2b666089ab19350932a990f3cb9b2009bbcbfd721c2
-
SSDEEP
196608:z6/u1LqqyReuuQt8k9BAXbdV9qWLk/YrNcONQl4Ik+B8I4GA81G+LNaK:z6/58EBOXQ/YrN+l4IY5G19a
Behavioral task
behavioral1
Sample
e02e5802bacccd459b9891b49146b4c24703da9397d49a16ada35c329651252bN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e02e5802bacccd459b9891b49146b4c24703da9397d49a16ada35c329651252bN.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
e02e5802bacccd459b9891b49146b4c24703da9397d49a16ada35c329651252bN.exe
-
Size
9.2MB
-
MD5
b6abda2d4b24cef28f9c2b62731fcfd0
-
SHA1
fdf3ae0bec83c2ec7d4e2883fc770e553b782a3d
-
SHA256
e02e5802bacccd459b9891b49146b4c24703da9397d49a16ada35c329651252b
-
SHA512
7e0f0835f7ce0d5fddfcd785ece05aff91f87fd6b95fce1b73c3464102af644a8e500338f5f1e75c648ee2b666089ab19350932a990f3cb9b2009bbcbfd721c2
-
SSDEEP
196608:z6/u1LqqyReuuQt8k9BAXbdV9qWLk/YrNcONQl4Ik+B8I4GA81G+LNaK:z6/58EBOXQ/YrN+l4IY5G19a
-
Njrat family
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Modifies Windows Firewall
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Hide Artifacts: Hidden Files and Directories
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Impair Defenses
1Disable or Modify System Firewall
1Modify Registry
1Virtualization/Sandbox Evasion
1