General
-
Target
3e044d35f256bcbc56c05cbe7fcfaf5a.exe
-
Size
37KB
-
MD5
3e044d35f256bcbc56c05cbe7fcfaf5a
-
SHA1
92586bfbd301a89bf2362e082b5a4a6417dd527b
-
SHA256
06c4dc9065b42162d56b8bab99d94f768f1a6cb40e5248a79866fb4a1e8e529c
-
SHA512
0e3d9a7bd3c394e31af94c54a1942dd3cc2dfae8b08c43fbd7ccc23de0f79d46405b5420882cb9ed9e122cc11af127082c0cde35067483f72337d347c494885b
-
SSDEEP
768:lryQw7zPOTUv3XI3MerM+rMRa8Nu5t/t:lhoPOY/XIch+gRJN+t
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
HacKed
C2
131.153.48.254:444
Mutex
8e49a766025732cf2a50a4bb78b2784e
Attributes
-
reg_key
8e49a766025732cf2a50a4bb78b2784e
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3e044d35f256bcbc56c05cbe7fcfaf5a.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections