General
-
Target
ce2894675ad1697ee58f744894d6b896.bin
-
Size
10KB
-
MD5
5049e4f91dae5c30d1a671c317a0b637
-
SHA1
8a1d969b3a5e90ebe861f23be719207bb1248356
-
SHA256
01594d353c5a185775a9257dfa696a983079926f1287a1d0f785b02f0487235d
-
SHA512
9e09d57a6b1667ff8f9cbed08941d0b5ac06bccbc7ec96638190333105e98ca8f47158633f00d466a0409f4e98c55ce61341ba24bc6e3b5841be00923894ac39
-
SSDEEP
192:jiFcgLRHyY0eeShSCBEi7z9vWgv9GcAqNAD25dIyyJNjd/4q1ohHEFjdOKWkUzal:icgLMhSqEhm+nfg5/jjFROZhhZ6J9r
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7NC
Botnet
NYAN CAT
C2
deidf.duckdns.org:9993
Mutex
41b3b311b404499492d
Attributes
-
reg_key
41b3b311b404499492d
-
splitter
@!#&^%$
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
ce2894675ad1697ee58f744894d6b896.bin
Password: infected
-
49561ba535b0ace7088275850c7226178f964937f30a69455513034e5ffb9bb5.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections