General
-
Target
gotovo.exe
-
Size
93KB
-
MD5
e170a377a088127abe6780fba2bfdd0e
-
SHA1
d4007c55fe0d332b2f1f262fa659cbe45335801f
-
SHA256
5a2161f061b87e796a2e1cc0fd8e370b640fbde0740d869f630f0e3df48199a9
-
SHA512
5cf7e04968a8e433439b6c4479653ad4d678eda5daa0a0251dfe12b99e09fbdf22f3a0f301ba3c980760c6547a3b7a27061316acee9795314bcc6090e2d605c4
-
SSDEEP
768:aY3OZDI/jglPPMJI08+EyrXGtVXqt39oQkm5hXxrjEtCdnl2pi1Rz4Rk3PsGdx+3:CDI7gdQ8+fLGzFQkmjEwzGi1dD7v+gS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
lol
C2
hakim32.ddns.net:2000
opportunity-mandate.gl.at.ply.gg:18976
Mutex
2604785c47976ef6dd16bfd9ac6340a1
Attributes
-
reg_key
2604785c47976ef6dd16bfd9ac6340a1
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
gotovo.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections