General
-
Target
2f840affad8d1087162c3c13fbd46957.exe
-
Size
93KB
-
MD5
2f840affad8d1087162c3c13fbd46957
-
SHA1
d81a1ed9eda358362feaf0b424e7e013e5a766e2
-
SHA256
f2a18bb076a39cbfbee79ba8e31c12051bd21af0149ccd31927a9899ff1f2950
-
SHA512
58fdebaa54433fe4c6642cee72edb07bcbd3613100d1a9dffb55019eab44a50f91422b4200bceffa179715f2ec918e789c6499961ed268527e134edb153f9f2f
-
SSDEEP
1536:mCYQIBlfGQFk2ZonmzaMxjEwzGi1dDLDxgS:mC+tFk2ZonmuMOi1d7u
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
fastboot
C2
NC50Y3AuZXUubmdyb2suaW8Strik:MTk3MDU=
Mutex
0866eaad1df34d8830102e59009dc3d0
Attributes
-
reg_key
0866eaad1df34d8830102e59009dc3d0
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2f840affad8d1087162c3c13fbd46957.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections