General
-
Target
a92ef911215a303fc49de97c4c6d837f.bin
-
Size
11KB
-
MD5
05db09629719b4627965470092fdedd6
-
SHA1
4f200199fba3dc6426548544a080720326a597a8
-
SHA256
33f67ab7c7b25a14d4979cc5a34a923aa6a2fe4a4c87db030b7cc60276a31d2b
-
SHA512
ec146dc68a04de2ecade161d73b0977d197166f9d9ff4cb94d34bbeae9ffe229e65953087d09305bfadfabd6aa87a6f3ed152c28d4d701cf84c2904e883f0edb
-
SSDEEP
192:KEtHcp0N9maIVHC4HWrRImoSMWqwD5tvxu6gCL5ztDIhQy7px8JqMIoh:KSH32aIlCyWrRImo/xAvI6BDhCmqMxh
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
needforrat.hopto.org:7772
Mutex
47b887645f4457386c0b55e0a170685a
Attributes
-
reg_key
47b887645f4457386c0b55e0a170685a
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
a92ef911215a303fc49de97c4c6d837f.bin
Password: infected
-
cd9c6c3774a1465f229f729469ac9a73561f883a3f980625198571dc9c82a4c4.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections