General

  • Target

    Clean _ Perma FN (all winware).exe

  • Size

    27KB

  • MD5

    a75be65cd72e62da1ad2349464920335

  • SHA1

    42baf82184ee61207219162632594f838385de98

  • SHA256

    e0de05ff206dd01647da60fde5d006f8ce0ca281338fce8c230df7d66e1828cf

  • SHA512

    ae7006997e256b6b7c54f5e34d5884313e9c033ab55e3d8ab019773bfdf4cd709ddd75c9eac7896b19a3ebd8959f5354f856fb584d3b65205857c5fdbc4c2b5e

  • SSDEEP

    384:cLZTlYHHeIYTzJRcbg8iEPrthZMMAQk93vmhm7UMKmIEecKdbXTzm9bVhcaR61rZ:6DZxJm8MA/vMHTi9bD

Score
10/10

Malware Config

Extracted

Family

njrat

Version

v4.0

Botnet

TykTyk)

C2

7.tcp.eu.ngrok.io:14885

Mutex

Windows

Attributes
  • reg_key

    Windows

  • splitter

    |-F-|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Clean _ Perma FN (all winware).exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

