General

  • Target

    6733857C42198BF05FF92CF51089BD031779AD13B2CB4.exe

  • Size

    401KB

  • MD5

    7f208b13fb96dd9dd74bdefbd7dff8fa

  • SHA1

    b760fa41f0f80c2819aad5f997ab095d12c8884c

  • SHA256

    6733857c42198bf05ff92cf51089bd031779ad13b2cb4107edea08e6b5e6c665

  • SHA512

    458f693aaf097a5aae4b8cfc59c1f6989d53f5619713688ab36530f7ce4371928137ac3f9dbe9faefb1c06eae3aecc179e609ade32756570b0d14c9b67732092

  • SSDEEP

    6144:hRItLCa73M9HAN7dNkcKxtJ8GlW3aXwHrhhw:bmkHAN7dNkcKxvAOwL

Score
10/10

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

IceCream

C2

4.tcp.eu.ngrok.io:11517

Mutex

cf223e8fbb67a90cf55afb9b2ced26cf

Attributes
  • reg_key

    cf223e8fbb67a90cf55afb9b2ced26cf

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 6733857C42198BF05FF92CF51089BD031779AD13B2CB4.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

