General
-
Target
3e044d35f256bcbc56c05cbe7fcfaf5a.bin
-
Size
16KB
-
MD5
4f5ec75ede77a0d9d0e1bfc24617021e
-
SHA1
6b43c8cbf0edf8b75c0328a104d5692b6f7865e3
-
SHA256
9c8da3f9d562ca9edacf69b9704a721c83b9d9dc37a1b8b6fdd0635a7e0af95d
-
SHA512
59bf3f01e6485c77d0435b523021bed83751f9fffb940392bd2cc6a1cb9064a1e4aa019827f238c79aee22723883c653220d2f2cd9f0488f6625bb1dc99d330a
-
SSDEEP
384:BCdCXO8sL3bUeayCRCkAjY/4MMVqzSwaKYNbYvwzb3peXbBVHvE+rqs:4CXOnLN3a4u5MqebNbYv6zp4VVHcgqs
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
HacKed
C2
131.153.48.254:444
Mutex
8e49a766025732cf2a50a4bb78b2784e
Attributes
-
reg_key
8e49a766025732cf2a50a4bb78b2784e
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3e044d35f256bcbc56c05cbe7fcfaf5a.bin
Password: infected
-
06c4dc9065b42162d56b8bab99d94f768f1a6cb40e5248a79866fb4a1e8e529c.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections