General
-
Target
0x002100000000f683-59.dat
-
Size
37KB
-
MD5
78aede0fbcb5a5d7ad6f3cc432bcdbaf
-
SHA1
c3f8193af197c884c8b22c2cb93add9a77b68948
-
SHA256
c6d98780a6d2ea326eb19eaf1e92a2eccfcc3bc949b466ab35bbad4cb25a50e8
-
SHA512
e0feb2636f1fa5d26b30169c0134b6c1f0f012ac7e08ca776750ea165862f4eb21c08d08868d725d5d85c73844d474c3136f686c638d7b367c0c3c7256cad7f2
-
SSDEEP
384:bOJTgiG1CPZfursvO6yszi7oPJoTnuG6rAF+rMRTyN/0L+EcoinblneHQM3epzX9:KJ/5Wpszi7o2Tu5rM+rMRa8Nu8gt
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
SkyF
C2
4.tcp.eu.ngrok.io:18541
Mutex
23b1abca6d5778c7b565b54cf98e9cd1
Attributes
-
reg_key
23b1abca6d5778c7b565b54cf98e9cd1
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
0x002100000000f683-59.dat
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections