General
-
Target
997d5c3ad783636502a50269466eef1deae0491ef10ab5e1a654dd2088715b8e
-
Size
37KB
-
Sample
250131-tapjraskcl
-
MD5
6b56460087f1cbe79de1cab679027bcb
-
SHA1
c973993a1df09018f5b6051c8910abdd9ea48e56
-
SHA256
997d5c3ad783636502a50269466eef1deae0491ef10ab5e1a654dd2088715b8e
-
SHA512
5e506645213cae2cf4ba0211af30ab1ac02dfa1157d80ef768bf38f54d638bcdd2171eeb98ec736b489c4c3f6060d005e10305e21aa82ac18aa719dff9e869fa
-
SSDEEP
384:+y7kkmSiUbFgdnP12ywjrzSzLf7S8GsHVrAF+rMRTyN/0L+EcoinblneHQM3epzo:37kkM91twjrzSHGls1rM+rMRa8NuBYt
Behavioral task
behavioral1
Sample
997d5c3ad783636502a50269466eef1deae0491ef10ab5e1a654dd2088715b8e.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
997d5c3ad783636502a50269466eef1deae0491ef10ab5e1a654dd2088715b8e.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
njrat
im523
HacKed loshara
wanted-birth.gl.at.ply.gg:5534
fb26a3a5081bc57c4672ecfe56cfcc2d
-
reg_key
fb26a3a5081bc57c4672ecfe56cfcc2d
-
splitter
|'|'|
Targets
Modifies Windows Firewall
-
Drops startup file
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
Registry Run Keys / Startup Folder
Create or Modify System Process
Windows Service
Event Triggered Execution
Netsh Helper DLL
Privilege Escalation
Boot or Logon Autostart Execution
Registry Run Keys / Startup Folder
Create or Modify System Process
Windows Service
Event Triggered Execution
Netsh Helper DLL