General

  • Target

    a2d69ed72366b178a80d9158c3c9fe31.bin

  • Size

    12KB

  • MD5

    daac2eed9e52b7acf1d1abd2094699b5

  • SHA1

    db3ad83f71e0906a7ab8285c0ed50657a9c560e1

  • SHA256

    a35056765206e6d8a900fc2511daaa45ceb5facec674d5bfad381064cd705d14

  • SHA512

    cf3bbb18abc5a05e7ffc170695ee5be1e5868af98b73cab4c1a70eb7820566c5a23ffdaa1a77262ee662c98e55dd17ce40c18f04d8e6a8dd46ee5f7a44a8e95d

  • SSDEEP

    384:rU74v3wpEFx+Eexqs9qWYty2uP7vxH4uPO5/5i7h:rPvgWFxxeR90y2M714ji7h

Score
10/10

Malware Config

Extracted

Family

njrat

Version

v2.0

Botnet

CatTroll

C2

minimum-certainly.at.ply.gg:26058

Mutex

DiscordPresence

Attributes
  • reg_key

    DiscordPresence

  • splitter

    |-F-|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • a2d69ed72366b178a80d9158c3c9fe31.bin
    .zip

    Password: infected

  • f35de16742223478ecb0f8d241c1442168a7b593a0c0af572981b832ed9b21e3.exe
    .exe windows x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

