General

  • Target

    0x000a00000001228b-59.dat

  • Size

    37KB

  • MD5

    37fbb3924bee69d58c0f748f41e043a6

  • SHA1

    f0ee458a70ca3ebf18b36870140751fdc44b720c

  • SHA256

    c9dc2fe81b5f37b984519197052c9cc578d99861e9be0823980617248a587de6

  • SHA512

    ccf777c678f84159779dc1e0ebdba5825a182f06fc750330efb99a4bca697d16a7eb894bd8f9f864631287abf279e9a3b73a45270d75ba946f8013c99459234e

  • SSDEEP

    384:xLK7AKiwB+aJzN5BLiFI4yUvIrvPnw46XUdBrAF+rMRTyN/0L+EcoinblneHQM33:MhLP5TUvIjYVUvrM+rMRa8Nu6/t

Score
10/10

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

Remote Desktop

C2

0.tcp.eu.ngrok.io:15185

Mutex

77cf7eb896c42e2ec6548d8c899ccae4

Attributes
  • reg_key

    77cf7eb896c42e2ec6548d8c899ccae4

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0x000a00000001228b-59.dat
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

