General
-
Target
b96c1708cf6822bfbd2828927b8514a1.bin
-
Size
34KB
-
MD5
c8ae0ab3279c218546db2280e0ced523
-
SHA1
0a8ed44dcca1db18fa4b1344431f7751b44c3873
-
SHA256
9a829d25fda9e5284e217f2467458fc821626da27554adc2daaf78ae55239362
-
SHA512
0dfc9e87e64902af8d8981a28ff08fad71f825b93f3c74e1783bb5bd53317fe55e3861723c42ec2ae78594539ffa97f684a9bd94063e93cc7274f701dbbe5d82
-
SSDEEP
768:36XT01nLRFUX/hpfIXGr6guJrUQ2R42xOuHp2P7:ET0fazJDbfYuJQ
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
rdxen.ddns.net:2605
Mutex
103235884b41d3d086abdac4c4e9360c
Attributes
-
reg_key
103235884b41d3d086abdac4c4e9360c
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
b96c1708cf6822bfbd2828927b8514a1.bin
Password: infected
-
ed11abf46bdb314fe8d2d0d4ab36a1d13b2b628a612fe3324c7088e843c4a5a1.bin
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections