Overview

overview

10

Static

static

10

1382ca654b...8f.exe

windows7-x64

10

1382ca654b...8f.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1382ca654be16cfdcf971e92ffb52c8f.exe

  • Size

    184KB

  • MD5

    1382ca654be16cfdcf971e92ffb52c8f

  • SHA1

    2ef83a06b0d5fb448c20af75a8f70b95599f779b

  • SHA256

    87bd2204dc4d21c1d612b0fcdab5126fd535ffbd8deb027a98e1c608c4f0c433

  • SHA512

    5e4ea698ca88db7c8eefd119b1cd81a512db473df8adc5cba5d1ac9981dcbaea7d5655bbebbb2f8104403e2f584a695aeb1193c5d91e626fc549f6f3fb6017fe

  • SSDEEP

    3072:4dguPVbL0Y0c17aUXhi062PLKbmsncFQlWB:4kYIihr64lT

Score
10/10
njrat

Malware Config

Signatures

  • Njrat family
    njrat
  • .NET Reactor proctector 1 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1382ca654be16cfdcf971e92ffb52c8f.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections