General
-
Target
a65150c7e6a1470efdeb95b92e40a5ea_JC.exe
-
Size
23KB
-
MD5
a65150c7e6a1470efdeb95b92e40a5ea
-
SHA1
0e876d2c5da0ce4f7887af1f1b48272c13aaf3ec
-
SHA256
f16873bf7953ec4a08c62a32dc6365c8a74303c09c723f4548e2ea3452eb0bbc
-
SHA512
a29eb17ff452f54dc0f273114c769f64bcf8aadcf129cc49555905120c7cdb58a8ce06e77852414782c84c2b13cf9118095e5985e33910b655db0c603e228312
-
SSDEEP
384:upc6ze6e1PAhJVzC3tC1im/BsTx46PgZ0rap9HBmRvR6JZlbw8hqIusZzZAz:ube9EJLN/yRpcnuF
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
Lammer
C2
0.tcp.sa.ngrok.io:19096
Mutex
27f71527bed7617b3e2e3f3ed8ecf225
Attributes
-
reg_key
27f71527bed7617b3e2e3f3ed8ecf225
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
a65150c7e6a1470efdeb95b92e40a5ea_JC.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections