General

  • Target

    no.exe

  • Size

    37KB

  • MD5

    3efa7db1ee68abbcfeb1f6f07d6f2224

  • SHA1

    f0e0396d55a8969fd89cb11363c9f5025d9a3f0d

  • SHA256

    cb3d67856d325bdd49aa5d2219366adedfe8f126f9eef98abe678b3265c681a5

  • SHA512

    59f2a57a7344937bd8234fbcf5b2fb9178a2940fa064a80dcaf56f1a37594a1ffe871e8aa30d82a3d004d05ce6a0725551f7c3c3f4f302111615932ba7e19b5d

  • SSDEEP

    384:ScFiUiD1blmJEpRGyEfjhvRuICY6KVIrAF+rMRTyN/0L+EcoinblneHQM3epzXKB:BFyHpR9EfjhEIC1KGrM+rMRa8NuEPrt

Score
10/10

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed1

C2

7.tcp.eu.ngrok.io:5552

Mutex

5676158919069158233e936864e885de

Attributes
  • reg_key

    5676158919069158233e936864e885de

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • no.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections