General
-
Target
23ac69eb0388a0fc0828c9e41b769201.exe
-
Size
23KB
-
MD5
23ac69eb0388a0fc0828c9e41b769201
-
SHA1
f61ed517f92b306df0ff2f185c0ab097c5dbf46d
-
SHA256
7a78f5f7471015b05f36a45b9d53d05224e8b4796240c709c3a7067bd44bc543
-
SHA512
84925b643e6613cf698d78d68235d3469969a6f3d4d1f640aa80926de2ce38d42e211bb2efa651d6528050ced0d96fd3d07bba433a057eaac8aa1d4be44d8e90
-
SSDEEP
384:9dMK6b2GZsx/Yr1+liORH1kciFQ6Lg9gSOYRr9mRvR6JZlbw8hqIusZzZkz:9+b9glF51MRpcnul
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
Flex
C2
0.tcp.sa.ngrok.io:17200
Mutex
b32bd74f2549d11fe61eb231dbe9f728
Attributes
-
reg_key
b32bd74f2549d11fe61eb231dbe9f728
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
23ac69eb0388a0fc0828c9e41b769201.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections