General
-
Target
05349799.exe
-
Size
37KB
-
MD5
ea37075f856f4711873a009813ec898e
-
SHA1
c7e3478bf096041b0d8496d6535e1df8962088a6
-
SHA256
cd57124ee4c3870947ca0c1cf48e22e52a9159a2b5b7063deffe3c3332aa8554
-
SHA512
a94801293d6a46d7d443c0e529883013a250d842cf22d153188302c133286d8c4e6fd217f905f76bfa1847f5eeecf6c67640b669ea8ef6862c16d0d9f29700d0
-
SSDEEP
384:q62KMizd9jnBhFbJ8ycPVnvvnwaUBKrAF+rMRTyN/0L+EcoinblneHQM3epzXeNn:f2g9lLJfcPVn3VU4rM+rMRa8NuYjt
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
HacKed
C2
tips-longer.at.ply.gg:28154
Mutex
ed8b61650219f445e862f6262ceae061
Attributes
-
reg_key
ed8b61650219f445e862f6262ceae061
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
05349799.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections