General

  • Target

    bOTj.exe

  • Size

    32KB

  • MD5

    d46f1f55a640e3ef3b694602a70e59ed

  • SHA1

    cda09398a5611ab78cd16feea8c4dda9582b52af

  • SHA256

    d6ad84287643e005e6a53037fbddd106b224524ad2b6157eee6445942cb6a954

  • SHA512

    37f8fb38546355ea591a3e2ecb7596ced47068967cc88d950db72b928bf00f354256489e99aef190379f98f9e6bf37d84ff73063d954038a4fd88dba728c15a8

  • SSDEEP

    384:g0bUe5XB4e0XmOnPw0Q0mS03AWTxtTUFQqzF0ObbZ:FT9Bu1I55dabZ

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

fortuna777.duckdns.org:1994

Mutex

034a57ce3a384

Attributes
  • reg_key

    034a57ce3a384

  • splitter

    @!#&^%$

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • bOTj.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

