General

  • Target

    bMJj.exe

  • Size

    78KB

  • MD5

    d6b907a131586513531e26f54e424ef1

  • SHA1

    dbd94a49ebcf17acf7aa27b0e7e37db8161d3fae

  • SHA256

    1edd9675ca9e84553106201aae3a98bdb2fd2ff8e6039af4478fe5af4fbfd995

  • SHA512

    0af91f99df2b9453a19051f988d1683d3eff52aa471dc206766e55139f06ae894a2df9b418977808a5a62196da423efea07add75bcba9ba6fe8a5c83eca704ff

  • SSDEEP

    1536:h5B+r0dODplS5wpOk3JCK6pFoO/d6fOpd/9nEh9TG6JgR:YQwpOk5CK6gO/9ES6Jg

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7.3

Botnet

Lime

C2

ax4.duckdns.org:9966

Mutex

Client.exe

Attributes
  • reg_key

    Client.exe

  • splitter

    16426337

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • bMJj.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

