General

  • Target

    Backdoor.MSIL.Agent.jdt-72fd107044ae159a7a80813fe902a132f12eedd01c63fd9e506cf05e088e7491

  • Size

    89KB

  • MD5

    f54eea2b9a7c0259b87a5303a526d818

  • SHA1

    641fcc96b0e288f7c5b1d0b94d6be1be2939e38e

  • SHA256

    72fd107044ae159a7a80813fe902a132f12eedd01c63fd9e506cf05e088e7491

  • SHA512

    36d1fb8553f454b1edbd719d4805e3d120b243960fb82ff640e52e3d3c9710a8761128079f981da011ad931c1117c0d7317f051bd4fd71a5bad93b7862dafde5

  • SSDEEP

    384:W8aZYC9twBNdcvFaly2H0dbJo6HghcASEJqc/ZmRvR6JZlbw8hqIusZzZVPe+8tp:AY+sNKqNHnSdRpcnu+REgTK

Score
10/10

Malware Config

Extracted

  • Family

    njrat

  • Version

    0.7d

  • Botnet

    Low3n

  • C2

    192.168.100.58:443

  • Mutex

    e4c7f2e5b82fac0d624ab661f39b28fa

Attributes
  • reg_key

    e4c7f2e5b82fac0d624ab661f39b28fa

  • splitter

    |'|'|

Signatures

Files

  • Backdoor.MSIL.Agent.jdt-72fd107044ae159a7a80813fe902a132f12eedd01c63fd9e506cf05e088e7491
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

