General
-
Target
0e29fe7841d99a746c601d9a9ff393b555177ad17c2d2d99319067c52c891f54N.exe
-
Size
95KB
-
Sample
241219-2yblsssqdn
-
MD5
ebeaca1811d01b7d143bd1b35d67d0f0
-
SHA1
9c51bce73607d48ed8c783a8d666ea06b8ff1a32
-
SHA256
0e29fe7841d99a746c601d9a9ff393b555177ad17c2d2d99319067c52c891f54
-
SHA512
1d754f69d1738f766c7f46918675ea3a364a48be43f80c80cb1072b7d22c7618349e210d6cdce8b667687c59a6cd1a14ba8056258e9709f6cc25e3de1f81839e
-
SSDEEP
1536:spBYfgR+0vLUJ9qVcysDE3PS8jApI9Yo1D03BD6nFNSXBUx2imHq2ilP/m6LFEfB:sEoRTLUJQKNpV0DuONbtmHolP/m6LFEZ
Static task
static1
Behavioral task
behavioral1
Sample
0e29fe7841d99a746c601d9a9ff393b555177ad17c2d2d99319067c52c891f54N.exe
Resource
win7-20241010-en
Malware Config
Targets
-
-
Target
0e29fe7841d99a746c601d9a9ff393b555177ad17c2d2d99319067c52c891f54N.exe
-
Njrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
MITRE ATT&CK Enterprise v15
Execution
Command and Scripting Interpreter (1)
PowerShell (1)
System Services (1)
Service Execution (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Impair Defenses (1)