General
-
Target
28afb35cde063e534e82bacfc0738869.exe
-
Size
37KB
-
MD5
28afb35cde063e534e82bacfc0738869
-
SHA1
37e712291bb39a19edc1e306f6dcd55d3a9a20de
-
SHA256
92615b54debe2551cd8ef408dc573fdaf02f54e5a63b0b07c6b0f1edc43fda9c
-
SHA512
d5f53e842a047ca89a389d4a0862692c49cac807429d7e6f79173194f50ec7c8b5069cae09315d0387ea14df47595452f30dd52b715a20076a7309ddc2d0c826
-
SSDEEP
384:Bu5MiLzBndznNCyMGm36ePb9cGczMprAF+rMRTyN/0L+EcoinblneHQM3epzX5No:0FRNRMGm33JVcarM+rMRa8NuXCt
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
SOFT2.2
C2
7.tcp.eu.ngrok.io:18476
Mutex
21d02663aa8e611bb1da08e1c27cec11
Attributes
-
reg_key
21d02663aa8e611bb1da08e1c27cec11
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
28afb35cde063e534e82bacfc0738869.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections