General
-
Target
0x000b0000000122dd63dat.dat
-
Size
37KB
-
MD5
758b35f35fd9e1d077e9e1fea6d46335
-
SHA1
6c3eab1b6a3abcfcbfaf6cbae3252294da460b29
-
SHA256
dba12560c08f9eab89f4e1c80b74367aff9ab38642c8233fc16642b8cccc0fa5
-
SHA512
275143723d6fb188573ed912d94cf5579e2f9725fc06b6417188c37e022ac1878517d3959a871a58f19698b37eebc1732b73ac878095a2edb309e55dda05cbe2
-
SSDEEP
384:Vh35bYPgibdjpPu7w9qyMT6xHNMs2Si9brAF+rMRTyN/0L+EcoinblneHQM3epzG:loNN9ZMT6xmdSWrM+rMRa8NuiDt
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
jertva
C2
7.tcp.eu.ngrok.io:11664
Mutex
d561c5e45425b35480bcd33ca49b89c9
Attributes
-
reg_key
d561c5e45425b35480bcd33ca49b89c9
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
0x000b0000000122dd63dat.dat
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections