General

  • Target

    c79b8eaef85540f4e574162e51b4ef98.exe

  • Size

    225KB

  • MD5

    c79b8eaef85540f4e574162e51b4ef98

  • SHA1

    5636caa6dc5dbcdb296e4a6f9f59c7d64e675909

  • SHA256

    a281865e116c45442f921963ea8f931c183776061b9e9dd7328f4a54f4f13b4b

  • SHA512

    2cdec138fe5ee4453ef6019cac4551ec69aaf99b6eb31d7a50182a5ff1af22a14fed9eb858b6a9a9deb2cff502dff344bc6536d47d8be39ee9b40be8db329913

  • SSDEEP

    3072:QF327h+yJvq/xr+VBFaImYIYiheeeeeeeeefYDeOiClppeppOpplppepppDppptf:832QfZrMBgJSOG9iO2RK

Score
10/10

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

Desktop

C2

6.tcp.eu.ngrok.io:10945

Mutex

a197c9392c3d531e5c503c947b346f93

Attributes
  • reg_key

    a197c9392c3d531e5c503c947b346f93

  • splitter

    |'|'|

Signatures

Files

  • c79b8eaef85540f4e574162e51b4ef98.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections