General
Target: jjexploer.exe
Size: 25KB
Sample: 250329-rveh6swqw4
MD5: 48f18e8a6a3f9b0f948b0e11e736f9e5
SHA1: 643cec64499163563d018edbece54075c13e7cc3
SHA256: 8e9b72f5c85f33855d55ba43828a9eb6747a20c269fd2f0a3e8e79927adcc644
SHA512: 110a9e9bae0e4d527c6f8e5c9958aff8a13db398f0b18a727e28d69fa30d0bd759033f8efcbb59b11c2c1816b2cb17c43b7453244a198c217aa48cced0088d7b
SSDEEP: 768:svpoyEEfxcQ4UBPq9lzcdaxfvM/r7yPV6U6m:QoyhuLUIjzgCfvM/r7yH6m
Static task: static1
Behavioral task: behavioral1
Sample: jjexploer.exe
Resource: win10v2004-20250314-en
Malware Config
Extracted
njrat
Njrat 0.7 Golden By Hassan Amiri
svhost.exe
animal-premium.gl.at.ply.gg:16843
Update
reg_key: Update
splitter: |Hassan|
Targets
Target: jjexploer.exe
Score: 10/10
Njrat family
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Drops startup file
Executes dropped EXE
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Scheduled Task (1)