General
-
Target
01898ceafe8980b144a9e122e951890227d4438987894dbe6e01a1f321fb8393_JC.exe
-
Size
93KB
-
MD5
b514204ce2d9d79e9b70d3fae64e63f8
-
SHA1
0d7e7fffa4589bde734c704527755f032d951536
-
SHA256
01898ceafe8980b144a9e122e951890227d4438987894dbe6e01a1f321fb8393
-
SHA512
79e192b58523a10084d6cb714c49f38be1f29b31bd4cb774838745dcacb5830cd8822e0239419fbd10c315cbde3ec4a1b10277ea29277aadb2ce9901dc43bcf0
-
SSDEEP
768:EY3gUBnkpjTMpALPGMtsas88EtNXhe9Y1mxCXxrjEtCdnl2pi1Rz4Rk3WsGdpfgM:cURkVbPGHz88EbB1pjEwzGi1dDSDfgS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
5.tcp.eu.ngrok.io:15180
Mutex
541ea451d9b54a5014d172e9f9d8c809
Attributes
-
reg_key
541ea451d9b54a5014d172e9f9d8c809
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
01898ceafe8980b144a9e122e951890227d4438987894dbe6e01a1f321fb8393_JC.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections