General

  • Target

    0c4e25d699b1c4dc205c8e15489fbe48.bin

  • Size

    34KB

  • MD5

    98797d3a3df8cedc06c5ec51d1d67829

  • SHA1

    4df72df055d0ac4964cfe50b42f6cdbfda0b3263

  • SHA256

    6ce7e30183f0758d230c80d7e0aea41ca62a3519b343c55b1731322f0565ac42

  • SHA512

    a5f9b6ec02ab58118a067b51e364f5000d7e5675b5eab0e43a124bf29c63aa06188468e7fccf9050588118c94cefd69051cf5e386e901a32029d3e6e48351cdc

  • SSDEEP

    768:xLD5nVFMLjMErW5wT/vppVyt2JzvnTyZj1ueamdKalgzCE:xdwLoTm/vG2VnTyZBJE

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

hakim32.ddns.net:2000

6.tcp.eu.ngrok.io:12660

Mutex

716836340bb5a9e6bfba38c3f95e67be

Attributes
  • reg_key

    716836340bb5a9e6bfba38c3f95e67be

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0c4e25d699b1c4dc205c8e15489fbe48.bin
    .zip

    Password: infected

  • dd771e630f93891e7613505d3f524f76dd2f3218a71c18c24519126f9253a747.exe
    .exe windows x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

