General
-
Target
9cd48799f48622358d39e92cf2b76213.exe.bin
-
Size
31KB
-
MD5
ffedb9454cd970240628f9a65ba440e1
-
SHA1
90e7557bac4789101f7d53a7823623714f16e740
-
SHA256
3801c296dab5e58d5609634c40648b2cd7927d106b08966450629ee261e46ca4
-
SHA512
9ab7fa0fb2161eea6e23ee8dd3289c50c5dea00edd7122ca3e081a6c3b195b71ce2853dd8182481aeeb1f9b0dbe7355b5fdf97684ba6eff9933f4f516fb53c41
-
SSDEEP
768:hj51ZlU513vqzxl+rScDrm4gLvbqQmIDUu0tiW8Nj:RfIqr48GQVk58j
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
ffg
C2
runtimebroker.ddns.net:8080
Mutex
9cd48799f48622358d39e92cf2b76213
Attributes
-
reg_key
9cd48799f48622358d39e92cf2b76213
-
splitter
Y262SUCZ4UJJ
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
9cd48799f48622358d39e92cf2b76213.exe.bin
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections