General
-
Target
b701e3585e852755624bc4965e7af509.exe
-
Size
37KB
-
MD5
b701e3585e852755624bc4965e7af509
-
SHA1
38f7bee5480c1f5d0b08d7d072c0980971a9eda9
-
SHA256
e79459dc4c5898824dc2d32d24bcd0156e699fbdafb68ba6e5daa43cce5cbdda
-
SHA512
99c57bb8d95a1a5654ab962de3de516552ef6652cad0169ba54a79b9371986fea60171e5e8ef0ccd2f871c766f36c3cb9a19ddd6de464d871ec3262cb584ae95
-
SSDEEP
384:IKwCT0i9rdTe/kCOyU7jcnZ8DfmTgrAF+rMRTyN/0L+EcoinblneHQM3epzXKNrW:h1J1CFU7jcC7m8rM+rMRa8NuYot
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
HacKed
C2
4.tcp.eu.ngrok.io:19554
Mutex
a3e3a48b4a1c3f8d4bc114e02152973f
Attributes
-
reg_key
a3e3a48b4a1c3f8d4bc114e02152973f
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
b701e3585e852755624bc4965e7af509.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections