General
-
Target
c70f1b1504fcbed8851082651453e174.exe
-
Size
184KB
-
MD5
c70f1b1504fcbed8851082651453e174
-
SHA1
e27ac05f35989e72e096a922afa1ad830a1d5d76
-
SHA256
a085d9d3c1dbc7f892a89804845149389e422bfffe675e55f5ff40bdda29e182
-
SHA512
886f019de83bed35ac97c9a0e242a7e1d6241116743696441229b4eec41ade751e27c8e46df88ce38378dde00f11a5add19bf6f94d71afcaf369074d295fadfe
-
SSDEEP
1536:6ZJ9OQqaI4+gRJNJmrdiEC+Imn1l0i10rpGLP:6ZvOti+yJqrdiEC8l00As
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
explorer
C2
2.tcp.eu.ngrok.io:13889
Mutex
cd7d30b2f6970ac2d402a312d25ebcc1
Attributes
-
reg_key
cd7d30b2f6970ac2d402a312d25ebcc1
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
c70f1b1504fcbed8851082651453e174.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections