General
-
Target
2fe286b05e80df1ac84f099920f102dd.exe
-
Size
37KB
-
MD5
2fe286b05e80df1ac84f099920f102dd
-
SHA1
cd5c4c49b42b7a5ae4f6e9d60bd34403e43eead7
-
SHA256
eda5780bb6af8ba7c65ddaf53892dbc594436ac573d5e366239a200dbb3f04f2
-
SHA512
4181e486417f1b3f3989d0898557804590313a6bbe40fd8e293a5b3bf023a5c478854bf7289ecd6a11712bc9c6172b96a598691600201cdca63e3d5b68377ee4
-
SSDEEP
384:ZZhxgswi+/x3+j/NSyszemoHfm3Wwr3rAF+rMRTyN/0L+EcoinblneHQM3epzXRW:jh2RCNhszemoOGwzrM+rMRa8NuT0jt
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
HaCked
C2
6.tcp.eu.ngrok.io:17674
Mutex
8185799a48798dc638b3214c9b563bba
Attributes
-
reg_key
8185799a48798dc638b3214c9b563bba
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2fe286b05e80df1ac84f099920f102dd.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections