General
-
Target
0da65fe271feb2429b80663aea32cdca.bin
-
Size
10KB
-
MD5
44a5eecfe04b3816f2e2a685686e1a76
-
SHA1
e0f42c82985f5cb02d415349d843bfb848e28df8
-
SHA256
afab061b7333d18b773742c5f9cd0cab90d99d218538d3256f04f2c068398780
-
SHA512
e2526cd99bca1cbe07644b9d765fcdf369d870565426cdfb1e46eb52be80869332d9e1ae1c21dfe1de1ad571b9a1e20a45207abd9c6df3502b50a4dffe42f3bf
-
SSDEEP
192:AYs/JyUqV/03ctAo5iO9akD1FnsumoxDiaZ4u28RpgKT83cvTgWJQB2w:k/JdxctNEkJFsuL1rZRpPTrUWJ22w
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7NC
Botnet
NYAN CAT
C2
fortuna777.duckdns.org:1994
Mutex
d1794b585e6d
Attributes
-
reg_key
d1794b585e6d
-
splitter
@!#&^%$
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
0da65fe271feb2429b80663aea32cdca.bin
Password: infected
-
ba4e87b503573bc23a39337de023711bf0346da26f64d1df83341414632cc07b.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections