General
-
Target
lll.exe
-
Size
32KB
-
MD5
532da7c83e4683a2ab594becffc15580
-
SHA1
57d8c7ff3b7bf7bbcf472c5bf5d15a4df1e3b62b
-
SHA256
a01e6a1ce4604181d82e13296191abdb305c97423b9fcbd7ee4ef767f2136ad6
-
SHA512
ad094d12f9e32f099696e325efd26066f513c15c3e7b9c9f7f1c9f38fda49cb93f0ff8a2cbf915be9ff73bdec874c1dd59b0f0791b87c9487fb3828ba336d509
-
SSDEEP
768:b4US21HxSgzxbSLw0cWLjrBv1XQmIDUu0tiLkjI:kWDerRFQVkVjI
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
MyBot
C2
score-told.craft.ply.gg:54077
Mutex
c54d9760bfa8660be8f7c061194ec438
Attributes
-
reg_key
c54d9760bfa8660be8f7c061194ec438
-
splitter
Y262SUCZ4UJJ
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
lll.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections