General

  • Target

    07a7bbf7a7d6ad69a6d0a5b7fff8c628_JC.bin

  • Size

    30KB

  • MD5

    3299dc25cd28b2d87d21532b2abaa97f

  • SHA1

    470b941d0abab7db81f2ebdee2b4df8b53309f21

  • SHA256

    1d6d866ee0610d7d5f2f53630611edd1f58734395da0b98bbebea34e938fa14c

  • SHA512

    61ea0ff3c3669284f2c1c5acfd01a844abfabe2edc55117824467f609b0515f9580b87ed608530c5bbcc1fdcabfdced88d25e2111d0e0cdb956ae659bcc16668

  • SSDEEP

    768:Gvehaw7MeGQCy1R+4qtC1WrbnKcrVScA0MGo5RDk:Aw7hGQCWluOcRVAE4S

Score
10/10

Malware Config

Extracted

Family

njrat

Version

Platinum

Botnet

njrat

C2

127.0.0.1:6522

Mutex

EdgeUpdater.exe

Attributes
  • reg_key

    EdgeUpdater.exe

  • splitter

    |Ghost|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 07a7bbf7a7d6ad69a6d0a5b7fff8c628_JC.bin
    .zip

    Password: infected

  • f09169b81b9f1f9cd98d796cbbf89bb05415133f38d6f28d694b5e145e93c0be.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

