General
-
Target
b830235e02dcad0cd83ffdfe5e6b7064.exe
-
Size
36KB
-
MD5
b830235e02dcad0cd83ffdfe5e6b7064
-
SHA1
e19783964987deaf710869816b495beac6ea201e
-
SHA256
95026b172d2e0dfd1fba9b0892ecf5569605e0950b97d5af563f7a22b1409c4e
-
SHA512
fde3b7371c26765e867a6b7924d264fdbc7060c4d74c33b7579183565b49d72fc3b34325f3a296678d9c010e3db3fda2d0372ec86287886a34980fcde2f648f2
-
SSDEEP
384:x21SikMvmkO8IV+ytbNF2f1sseiXerAF+rMRTyN/0L+EcoinblneHQM3epzXyNrp:kdIV1tbNF2GViurM+rMRa8NuM46t
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
loh
C2
4.tcp.eu.ngrok.io:18936
Mutex
04471af39c8a5c9fa23d9e4609a0588e
Attributes
-
reg_key
04471af39c8a5c9fa23d9e4609a0588e
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
b830235e02dcad0cd83ffdfe5e6b7064.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections