General
-
Target
2c2a5b46bd15e13fd2f3df4c06457578.bin
-
Size
34KB
-
MD5
14521a0506c143f9188a0b3a749949d9
-
SHA1
3021df6d564608b8b6286ac6cb9e68902f80ede0
-
SHA256
75b8f18364353a9f155758cd49aa1e92dec0a13a37582e7b4d76a263391210ea
-
SHA512
3af1542cda359624c87924792d87b872c9fd1864e7ebdc00b386ca5e2e558055ae36842e636569930782a0f6ecfb1d3c75e3f6af868391d43af384e0329e9f53
-
SSDEEP
768:At8Mx8NEoShcpHq9VAMmILN68u+Ol4h0mQe0ieTmpzfRoX:JMxZcNStLe+Oeh0mSdCpzfR+
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
4.tcp.eu.ngrok.io:17194
Mutex
a524b09bfc2eaa9fdc9d91ea93858bfc
Attributes
-
reg_key
a524b09bfc2eaa9fdc9d91ea93858bfc
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2c2a5b46bd15e13fd2f3df4c06457578.bin
Password: infected
-
89a06a16c73f4cee629bc145fa8ca6dc2003b4c3a3ff4a0c1cec473ec42ae875.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections