General
-
Target
rl_9690ddde7fd841e630242dcdc7740ef8d18c3775eaa1db5213ac0346b96efed2
-
Size
4.2MB
-
Sample
250701-sl5jnsxmw9
-
MD5
3cd46145ae8b05948f7c8b68ea802df4
-
SHA1
700210aff6f4d40331ff5c572d476deb9546083b
-
SHA256
9690ddde7fd841e630242dcdc7740ef8d18c3775eaa1db5213ac0346b96efed2
-
SHA512
6be5f12244b4720aeb0f6b7de0d5724580b3c521c592a14bf3a06348efcedfa5ac1263cfd58bc302cf1db1c771c3c8855a3ee187f1e6b7275c65669e35b1182b
-
SSDEEP
98304:5RGwPnbpZfMdHl/nGq3LYLm6CTDGcjlX522DpW0luP7Q:5EWfcF+tJUDGcjlX82VW0luP7Q
Static task
static1
Behavioral task
behavioral1
Sample
5fn92.3no23Ta46NT86.msi
Resource
win10v2004-20250619-en
Behavioral task
behavioral2
Sample
5fn92.3no23Ta46NT86.msi
Resource
win11-20250610-en
Targets
Target
5fn92.3no23Ta46NT86.msi
-
Size
5.4MB
-
MD5
8c21c7cc9c3df18ef55fa9b399d24bee
-
SHA1
cc4ae55b536ff6bceeb748c5d2fa9fd691ecc94b
-
SHA256
e86274b854dffcb30dd1520662591706def1ae6f7edc8d784c15c69eca69fef1
-
SHA512
1e7c198b905cc0483018b5d00a82424583e1bc3eee24d2915904e0035482017b14dc4a1e94b83d951ac0faaa6901062ea6cfb74372d922f42578604d18ce8c0b
-
SSDEEP
98304:gxMvAtKknz5vqulsRe4frUMXjcY9LPWB3RyNm6mZnoqtX9vSgFlWelkF4I:gbYulsRVj4+PqnoqtX9agDWelkF4I
-
Detect JanelaRAT payload
-
Janelarat family
-
Drops startup file
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.