General
-
Target
1fb97ee37a2c5a979bc4dff4613f9fb2.exe
-
Size
93KB
-
MD5
1fb97ee37a2c5a979bc4dff4613f9fb2
-
SHA1
13679e8eb6e8995bfda6590f3dd04c6d99104b67
-
SHA256
c4edeb1befa9d2125c24938dfa1ac106d35f6992793a5ebc8c2b09ec38777ca8
-
SHA512
913f3b430ea169ae91079a65982b15b913c89ee9eb43eb15a09bb44f052e27597e598017b1c3cc47b2633e8ef9c9b5f056e447beb5b61f3453e2280c0c52a727
-
SSDEEP
1536:ghnR8lZc+/2HK1j+58dljEwzGi1dDUDPgS:ghnKc+/2HK1a8dSi1dyo
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
Лошок
C2
hakim32.ddns.net:2000
4.tcp.eu.ngrok.io:19914
Mutex
af200c2dc24146f167c6cde4523f107f
Attributes
-
reg_key
af200c2dc24146f167c6cde4523f107f
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1fb97ee37a2c5a979bc4dff4613f9fb2.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections