General

  • Target

    xaKdKZI3e9WD.exe

  • Size

    32KB

  • MD5

    e37c35d72029ee64e9b86adc6dfb53f6

  • SHA1

    96c572d1c7813e821bcac26460a4b8777c4e7cf6

  • SHA256

    e936c50b852c04e153e12893717f7ef6e059dbce99fe615243d1109c5cd1de66

  • SHA512

    ba4884d732546668d1bd3d0f0b7372e4561063e3243eb7f1421962d43983e5704e9ebcf722403b0ae3fa6224500a7253c576f2064c6e2fb9aadc8e85e38f739a

  • SSDEEP

    384:00bUe5XB4e0XGODB4GepWTvtTUFQqz97ObbbF:RT9BuVmDulbZ

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

tiagoodiaz.duckdns.org:1994

Mutex

86a69f103ad

Attributes
  • reg_key

    86a69f103ad

  • splitter

    @!#&^%$

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • xaKdKZI3e9WD.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections