General
-
Target
3ff8ac4fca218a29177d41edfb4e5030.exe
-
Size
37KB
-
MD5
3ff8ac4fca218a29177d41edfb4e5030
-
SHA1
794cc35eff8eeed4f9210b01845f5372625c98ba
-
SHA256
08bb4c3c5ccc79be512e1f3fa890616ee3ce96875077e13cc3fb1c20c1fd3e8a
-
SHA512
43725754c9d1aa29e95ce9a7413263694b888a09e881b17bd24580833c9a1f02514b0a68912309a0c9f8ffc53ed66fedfd8845c11f4a3a37109594a47d021623
-
SSDEEP
384:qmieQilahHeTnMGiyMTTmHtd4jPSi0rAF+rMRTyN/0L+EcoinblneHQM3epzXtN7:ANSMGxMTTmX4rSPrM+rMRa8NunTt
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
Client
C2
2.tcp.eu.ngrok.io:19565
Mutex
b608a62939e66b826644c6d6caef420b
Attributes
-
reg_key
b608a62939e66b826644c6d6caef420b
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3ff8ac4fca218a29177d41edfb4e5030.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections