General
-
Target
2f840affad8d1087162c3c13fbd46957.bin
-
Size
34KB
-
MD5
5b18eeb2387578c96338baab1faf56b4
-
SHA1
9a60c9101a36115991b63e6c0acf924151748df4
-
SHA256
fe6a5269459c57176417a5fc07ea0c46bc67fadd2c08615851ade4e71040c88a
-
SHA512
6eb143904433691eae68c90da4f1df2edd83ce8b7558b6a27e4a0873293a3785e85268ff041d669229fd8c62b9dc97160aeafda991f882fe3bb25a10bd79340f
-
SSDEEP
768:UXcMASbPVmMuo9TneD2B0/KGMOrVbFopZeoU2dXDfad1DeKmJygEC3bg:WcMhbPQhgnF0/KGM+UzHXDfafJbxCc
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
fastboot
C2
NC50Y3AuZXUubmdyb2suaW8Strik:MTk3MDU=
Mutex
0866eaad1df34d8830102e59009dc3d0
Attributes
-
reg_key
0866eaad1df34d8830102e59009dc3d0
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2f840affad8d1087162c3c13fbd46957.bin
Password: infected
-
f2a18bb076a39cbfbee79ba8e31c12051bd21af0149ccd31927a9899ff1f2950.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections