General
-
Target
file.exe
-
Size
93KB
-
MD5
837e7a401c17906aa92c5017f3956f66
-
SHA1
8f3dea852710373fa49a353704c56bcc26f565b1
-
SHA256
1a803a8d7f55faf66459f33c7d89e961a22aae970eb84528b952b01e8c0af3dc
-
SHA512
7388680c98758e9bf64691d7bd16506fc11bf8b1cddb5943e5443d35c6608c6549ee211d0a8d2764d648c8d1d2ff0de075627b959660e0f7e3285e308cde5c6a
-
SSDEEP
1536:fUVFQWqkqqoLc2mJiIjEwzGi1dDSDBgS:fUVmkqqoA2Gi5i1dk+
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
6543etfd2-59719.portmap.host:59719
Mutex
d1c3b292c1154d5afecf1763e7e509c3
Attributes
-
reg_key
d1c3b292c1154d5afecf1763e7e509c3
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
file.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections