General

  • Target

    09a039699d3c2b826e5e2f8ad90f50fc.bin

  • Size

    16KB

  • MD5

    40df0e0d5eaee45752f7161061540209

  • SHA1

    d00bde832e6ee6495402e8da927542ba4c097d54

  • SHA256

    820556288ad2292d0ce28199eb7d4b25fe52cb53565a6a6e06d6b99d0ba998ab

  • SHA512

    ddfec673d903b729ca20fe52f65c67fea06bcd9274ed2b18f07cd8311694f0a09e6f74aa2be116159fbd882066e2d52a62e6e6af648659ee0550e335fd67107e

  • SSDEEP

    384:pQ3aN/dB438bQ63UUu2AACXN8RCfckDoqJsqOu6n1x9/5jDDxG4snX:pQaCswD8RCfckEqJsqOt1PRjgBnX

Score
10/10

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

8.tcp.ngrok.io:10809

Mutex

477e42ad55ebd15287499bd5aac86f08

Attributes
  • reg_key

    477e42ad55ebd15287499bd5aac86f08

  • splitter

    |'|'|

Signatures

Files

  • 09a039699d3c2b826e5e2f8ad90f50fc.bin
    .zip

    Password: infected

  • 6c3183412fc318d586ba196d42f9399ecc84500d4624377752b4952442236093.exe
    .exe windows x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections