General
-
Target
62804f699b6590666616891143e40944.exe
-
Size
23KB
-
MD5
62804f699b6590666616891143e40944
-
SHA1
f194b16ac8c945335daa5b1395654cd5c57f9fc1
-
SHA256
5ed5edf3e1b4021d3ccc3c3ba586ca6c529b9cb0923232a67c77706844d95cb1
-
SHA512
212bae52df51e86df5e9d2e616f824dfe591a8b23c12ebdef538c98481f846fb3164fc8ab13f61e84c3c1b37091dac1e3fb5780f7b7437be6e8eb56628b36597
-
SSDEEP
384:0k8aSyS9gB3Y1KIay2X8cLZI6XgxsGJVPpmRvR6JZlbw8hqIusZzZkK+:y589tXvRpcnud
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
IVAN
C2
huesosnjrat.zapto.org:5432
Mutex
210decccd6bd827e3b64edf54c9e89b6
Attributes
-
reg_key
210decccd6bd827e3b64edf54c9e89b6
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
62804f699b6590666616891143e40944.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections