Extracted

• • Target

    LaucherSynapseV4.7z

  • Size

    14KB

  • MD5

    6a51bf0c7ed3fd5c2986d2ca98bdf995

  • SHA1

    b8aa073566657c05dba53b0d61554b99cf6cb6a1

  • SHA256

    b52e16b631bdd93334a7fc621c9efb6b17bd3bb41e02b4728f3b187b27da53df

  • SHA512

    af48f8a73241d33ac51e3f0317e13b594b82f55444e9f04831b733ff7aa011a06b1e94a14b7c56e1cc754e1c3901111719f957f4d56f208436717c7d7a97433b

  • SSDEEP

    384:5nQz4K8t9rZJnPn56Oq2tmIrTTHGcMmR4G2vErfQ2hi:l79t9rZJnPnoOqkmIrTTHGcM4fhi

  Score

  10^/10

  njrathackeddiscoveryevasionpersistenceprivilege_escalationtrojan

  • Njrat family

    njrat

  • njRAT/Bladabindi

    Widely used RAT written in .NET.

    trojannjrat

  • Modifies Windows Firewall

    evasion

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Legitimate hosting services abused for malware hosting/C2

  behavioral1