General

  • Target

    0x000b0000000122e7-60.dat

  • Size

    43KB

  • MD5

    7bc43f36b07c8b1de174daf7f4ead29b

  • SHA1

    700a9e8e4a8a0cd8f7b3b1c58ebf5e47dfa7ec31

  • SHA256

    c28550985ad9088407d8149d7d37155c97f10a461581c8a570bb082436596aff

  • SHA512

    54169b096eb83782316ea605c391ee70c00099292fdecffff72656989f9eb0ed2d5448f4eb0374d3426c5c7e1d964d2634cd46beedd70aebf7417c28bcdefe8a

  • SSDEEP

    384:mZyCdFI1STss7yKSXfuGSOEdrpS2dzsIij+ZsNO3PlpJKkkjh/TzF7pWn6/greTf:8Fduk4smKSvupPrkYuXQ/oD3+L

Score
10/10

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

HacKed

C2

2.tcp.eu.ngrok.io:19328

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |Hassan|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 0x000b0000000122e7-60.dat
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections