General
-
Target
179a4c53805418dd29bab3594486412292092aa2925e35b028c2cf8b2d5e66faexe_JC.exe
-
Size
43KB
-
MD5
0e485a8e92e66b1b9f3f199e66d85566
-
SHA1
7203c6b73e8a926585ceedd5502c26d5281cd699
-
SHA256
179a4c53805418dd29bab3594486412292092aa2925e35b028c2cf8b2d5e66fa
-
SHA512
9eeee1b75c8e94c1a480dd62ea5210abda958cb3779b7969255028c9de855f76c0014ab3c5c6a45872ae2e966875f8ecb6c3812458df1c3680d4fad86c5d17bb
-
SSDEEP
384:MZytX7xdW/IUyNZa55EFiTYM0EvbV56lpzYIij+ZsNO3PlpJKkkjh/TzF7pWn1Rl:qArxIghNZk5EFiTVTbCpuXQ/osZ+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
asdad
C2
0.tcp.ngrok.io:11080
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
179a4c53805418dd29bab3594486412292092aa2925e35b028c2cf8b2d5e66faexe_JC.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections