General
-
Target
download2.exe
-
Size
22KB
-
MD5
df7fc50c25fae590d5874b01042e1ac3
-
SHA1
5e9c01fbd1f61b3af994d84721f6a7c8ad9d8980
-
SHA256
ecae6a842a9d1e85254965536628840d2dd28145db57e32d821b10ec9744ba8f
-
SHA512
848b730edaff14f3665d42b55eb2acb8c9bbc1f7a6552ac415acf8b74768891975624ba928c516baf3d81ec0aecb531e85bc59c36fec08d1da0bac04ca9c55bf
-
SSDEEP
384:/QeCo2zmZbQHkJeCdUwBvQ61gjuQBnB9mRvR6JZlbw8hqIusZzZ+Fp0:g5yBVd7Rpcnuk
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
fr
C2
francia.ydns.eu:5553
Mutex
8721754955d2136ee214cac4b72b7338
Attributes
-
reg_key
8721754955d2136ee214cac4b72b7338
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
download2.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections