General

  • Target

    bPti.exe

  • Size

    78KB

  • MD5

    e06dfd9d4bae167b3311236ae17aced7

  • SHA1

    c69256664a113ab8930d67ff11498b1e6faaf413

  • SHA256

    6967f1a5da12f10eb491bdbc40f6242c957326c41202883e7d1563a4a0e58ebd

  • SHA512

    c2a08ed25c94f031d4f7a95479761b4d235da5f6149ddf694e83174fa2dd3f0daa563ae475612b3e602c09eb7f1e8182e7fc38a2d1dad43ff85a26299020a837

  • SSDEEP

    1536:lt4+6Y9yhU19DppS5wpOk3JCK6pFNyXd6fOpd/9nEh9TGWJ0R:IhU19QwpOk5CK6zO/9ESWJ0

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7.3

Botnet

Lime

C2

gremabenj.duckdns.org:9600

Mutex

Client.exe

Attributes
  • reg_key

    Client.exe

  • splitter

    8520

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • bPti.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

