General

  • Target

    bPbd.exe

  • Size

    32KB

  • MD5

    5a7c6112d7a5b57754c4a7356363e4c1

  • SHA1

    09aa3118bfec7c9ad065ca78bf4d124c28823dc6

  • SHA256

    57ff04bbef6df7f5c65fdad2dd633ff532abde0f209b425fcf24c642c0ec899a

  • SHA512

    26555e5192d24d9a3a697de404d6e97c0e3366ff0c73e38385d8ff4dec31fbfc0a024b6cf937a261699a83666f91825bedf344d5b702efef8544dea4fc2d96dc

  • SSDEEP

    384:o0bUe5XB4e0XGOnjHdqlzkB8N/uWTHtTUFQqzFbqObb3f:dT9BuVrdKTgbv

Score
10/10

Malware Config

Extracted

  • Family

    njrat

  • Version

    0.7NC

  • Botnet

    NYAN CAT

  • C2

    4Mekey.myftp.biz:2411

  • Mutex

    398711e928c5489e834

Attributes
  • reg_key

    398711e928c5489e834

  • splitter

    @!#&^%$

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • bPbd.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

