Overview

overview

10

Static

static

10

6773ea6f9b...JC.exe

windows7-x64

8

6773ea6f9b...JC.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    6773ea6f9bc7dcc39175a5e6cc0ff7b44bc974d371d51fd83e8c89d3a8f345a8_JC.exe

  • Size

    36KB

  • MD5

    5f5fadb99530f4044ab88a00c859f79a

  • SHA1

    7a57c5cd6355c866f3dd2aff0da10e4b6faa2d01

  • SHA256

    6773ea6f9bc7dcc39175a5e6cc0ff7b44bc974d371d51fd83e8c89d3a8f345a8

  • SHA512

    1186b2bef23c50a526fb087da62f9a828c22ae41a10b1442a602d44608add6d0e274950821bc0af95bf44bff969702ee57be22924c9933026b2168ffaee5ec23

  • SSDEEP

    768:uWSqSCk7FFpUCyUUbq906kmmCpPi2k/K/2HrdcJrzjC:uWSqS/fpUCyUU+9v9mt/K/0rsK

Score
10/10
kelnjrat

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

kel

C2

0.tcp.eu.ngrok.io:17651

Mutex

96d5d3d1f73c2741ba26623034dd1053

Attributes
  • reg_key

    96d5d3d1f73c2741ba26623034dd1053

  • splitter

    |'|'|

Signatures

  • Njrat family
    njrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 6773ea6f9bc7dcc39175a5e6cc0ff7b44bc974d371d51fd83e8c89d3a8f345a8_JC.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections