General
-
Target
bNkn.exe
-
Size
23KB
-
MD5
18f1c4c76bfa3e98a97628f741361a50
-
SHA1
b996ca964b34339725b02abfc9b6b0fcbe5628d8
-
SHA256
53924ec04fd027a17ceec00ef3d0e77637a8c372b2ee1b6095bf1ee4cf288fc4
-
SHA512
0da74271f186591c338db5b301deff1f7b15f3373ec725d67dcb1dc0ce1ee36d75ef12002d430980ff1001b0a0457149388c31591dabef33917f3de893035637
-
SSDEEP
384:xhc6ze6e1PAhJVzC3tC1im/BsTx46PgZ0rap9HBmRvR6JZlbw8hqIusZzZXd:xTe9EJLN/yRpcnua
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
soldier
C2
0.tcp.sa.ngrok.io:18145
Mutex
8281218078858e75d74a07bde6e8bc62
Attributes
-
reg_key
8281218078858e75d74a07bde6e8bc62
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
bNkn.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections