General
-
Target
1fb97ee37a2c5a979bc4dff4613f9fb2_JC.bin
-
Size
34KB
-
MD5
9cefaf68e6e473ead1a177f9632bcb23
-
SHA1
91ca795eaf0110fa055a140b082820057d39131a
-
SHA256
d148ea5e4ded7cc817182e92711e41e3840db9c1d8fa5656d5e235bb4a696d85
-
SHA512
5b20ebd872f82202374b15ce1094c55111e8dd4e64e39b2ae5d5881de66df6d917c29783aa64df75479ad6380465677a29cc9f306d110f86c9d89427f5f44c90
-
SSDEEP
768:D5S+6saBt5Ub7fFw9AEPRBLKnHPIgOXmncUys2Ojo:E+87ammE5BiPF7cAxjo
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
Лошок
C2
hakim32.ddns.net:2000
4.tcp.eu.ngrok.io:19914
Mutex
af200c2dc24146f167c6cde4523f107f
Attributes
-
reg_key
af200c2dc24146f167c6cde4523f107f
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1fb97ee37a2c5a979bc4dff4613f9fb2_JC.bin
Password: infected
-
c4edeb1befa9d2125c24938dfa1ac106d35f6992793a5ebc8c2b09ec38777ca8.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections