General
-
Target
08805499.dat
-
Size
43KB
-
MD5
41137f7416ece144472d99d51b2ea517
-
SHA1
eba9a868c7794d2633fcc38d9ef4d6b190b72e07
-
SHA256
076fd3678bde1a6faf413b3dc4e478f8fe2b36869a0b94f2210102537f8cdb21
-
SHA512
6cc81d60daa853a23581ed3f18179bac96b71001609d9e908a081d071742235facfa7c539d0bb6196f7c1438de52193d2b77817f5ed9ea8ee7245a8c0104bd16
-
SSDEEP
384:J8ZySa33VarE8yTNJFqfQYMEnwpai0+dzEIij+ZsNO3PlpJKkkjh/TzF7pWnNmgm:J6xq3MY5TnFqfpMpLuXQ/ooC+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
HacKed
C2
2.tcp.eu.ngrok.io:18907
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
08805499.dat
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections