General

  • Target

    0dc689f7349bdb4df33cb582154b13a2_JC.bin

  • Size

    16KB

  • MD5

    c816e9f536f9f82b3bcef0992201505e

  • SHA1

    c9467c8e951d2d7d4da70793ded5f185201d189f

  • SHA256

    ad39c0cf9a18265f9321d60ca5ac9bc3e06943514228425366dba5ac73cb9977

  • SHA512

    fb7e6b9cf7ad1855b6588a71b98ed5c09b2518bdcb9c2e92437e270ab0861c978b934dda390b97f41f81cb867d63d0a6801ecd3d54e387ebcd7301b1d919f2cf

  • SSDEEP

    384:LbkIX/6UiZdhazszSLDxY0JTf6P1uRWNWh7EmwNuYJejaUsu2nkTLF:Ldv5iZdI8S/LJTSP1uI0o5AeU2nkTLF

Score
10/10

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

2.tcp.eu.ngrok.io:10690

Mutex

c0cc0018757f2f3aabdafb7e8d266657

Attributes
  • reg_key

    c0cc0018757f2f3aabdafb7e8d266657

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 0dc689f7349bdb4df33cb582154b13a2_JC.bin
    .zip

    Password: infected

  • e897a30c719b8fdd9972b29fed87fb410f02e83e1b937d984a94ff491dd2fc80.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

