General
-
Target
6762f26d36066dd8b6cd180b69f3f117fcb1b314ee4d92cc2c7fa3ac91b934ae.exe
-
Size
91KB
-
Sample
241127-dgjdbazpgp
-
MD5
3da8e3ebbbc68f62e3df9dc5c0b9cdb0
-
SHA1
689b19d918d4138faa4507eb8227c504d438549a
-
SHA256
6762f26d36066dd8b6cd180b69f3f117fcb1b314ee4d92cc2c7fa3ac91b934ae
-
SHA512
a925651d935526717760bfa2b18e9ec66528b4b188f8ebb79bf529b57caf8e1f561034828ac42973a9a81a6304bb11d3faf600776b9c48029651dbca1821c62c
-
SSDEEP
768:EGZel/M+0uGAfIi+qXuzMywjZdLJakHX+xWvYR4SYzktFI3tr3/iTnRVOR1MY4Zw:Ol/l0pUjBjZdL4kHG5mktQJVR1Ap8vJ
Behavioral task
behavioral1
Sample
6762f26d36066dd8b6cd180b69f3f117fcb1b314ee4d92cc2c7fa3ac91b934ae.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
6762f26d36066dd8b6cd180b69f3f117fcb1b314ee4d92cc2c7fa3ac91b934ae.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
njrat
hakim32.ddns.net:2000
Targets
-
-
Target
6762f26d36066dd8b6cd180b69f3f117fcb1b314ee4d92cc2c7fa3ac91b934ae.exe
-
Modifies Windows Firewall
-
Legitimate hosting services abused for malware hosting/C2
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-