General
-
Target
c3296e49c6282bc387b8203693dbcef7.exe
-
Size
43KB
-
MD5
c3296e49c6282bc387b8203693dbcef7
-
SHA1
83cdfa7eb2b040edb1651343a8566c1e3284fe8f
-
SHA256
ac403a6bca38415a950791fa758500d31372bba82e2ff4d849c4b750228926b6
-
SHA512
89854355155188cafa4d9ebf67d1562991a0d91c58fd0bdf6c3cef950c50058c009e3ec9d86c2f9443a9aebde8d588b1acca4fd24e1d0023b328785cf81e63ec
-
SSDEEP
384:d8Zycb58yCEFmVoybp5UkCoegE5MjMghozEIij+ZsNO3PlpJKkkjh/TzF7pWn7J9:d6N58yVAVlbDrC/yAgIuXQ/oOZ+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
KNG
C2
use-courses.at.ply.gg:32789
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
c3296e49c6282bc387b8203693dbcef7.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections