General
-
Target
decode_26514e06ea4c004f478c5e5448d2009e00b23bf64e4cfc4e3021a6c0a0ce1853.exe
-
Size
32KB
-
MD5
ce2894675ad1697ee58f744894d6b896
-
SHA1
d62b6119a51430d9588970dceeafc19111177603
-
SHA256
49561ba535b0ace7088275850c7226178f964937f30a69455513034e5ffb9bb5
-
SHA512
9c4b8b28a374f52e874bb305f3288d2ccb8c98449cabd1d372e15955547c0c4210da3020573aaa40fef0faf06a4c2103f40b867d17f730448cd9a1a2a1cf0e0d
-
SSDEEP
384:M0bUe5XB4e0XPOdv3pixEpfnWTatTUFQqzFAObbC:ZT9BuG13pieGbC
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7NC
Botnet
NYAN CAT
C2
deidf.duckdns.org:9993
Mutex
41b3b311b404499492d
Attributes
-
reg_key
41b3b311b404499492d
-
splitter
@!#&^%$
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
decode_26514e06ea4c004f478c5e5448d2009e00b23bf64e4cfc4e3021a6c0a0ce1853.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections