General
-
Target
1fn45.7no05Ta99NT91.msi
-
Size
4.8MB
-
Sample
250712-v7b6cstrt6
-
MD5
fbf2b87ec7c4d1ae91a8e671bc731931
-
SHA1
d916539e9c023c3fc8a697182af1956d394d9a78
-
SHA256
ff074d28f168e23ba94d3223fd6ed3cd87fdd6ec2874338d3c04e28904d41df7
-
SHA512
1cbe5a0c8a2a0bc3a96980892ee25552b245a10f4780727e275b31d5f09aca5b9e262040290ca7d60b6d8dc01bc4b60155bbcef41eaa19347b77cdf391d6a23f
-
SSDEEP
98304:JxMvAtKknz5vqu9sRe4frUMXjcYKMnrt5/8zdKL1mInoecTIIcAFkXGdg:JbYu9sRVj6YwdKLgIo3IIcAyXz
Static task
static1
Behavioral task
behavioral1
Sample
1fn45.7no05Ta99NT91.msi
Resource
win10v2004-20250610-en
Behavioral task
behavioral2
Sample
1fn45.7no05Ta99NT91.msi
Resource
win11-20250610-en
Malware Config
Targets
-
-
Target
1fn45.7no05Ta99NT91.msi
-
Detect JanelaRAT payload
-
Janelarat family
-
Adds Run key to start application
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v16
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Event Triggered Execution (1)
Installer Packages (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Event Triggered Execution (1)
Installer Packages (1)