General

  • Target

    x5rcnYdSS63I.exe

  • Size

    32KB

  • MD5

    7377cd7083dd08f6c896069b6e235525

  • SHA1

    3dd5b7405fdc95686a8aaf1fbb60b37f9f6482c0

  • SHA256

    37a9de85c77b7c0bcf5e7147ec294a3bb9158aff6a5b2aca6e98b11d33c4ae75

  • SHA512

    b14fa6d7dfdfc5645d65dab251a144196e2f929db756d27e344a7e4c7d40efc03f83dd8a3350d4d11d0debabb15c922a07e06d42958df4f6c5115de6bf1d6065

  • SSDEEP

    384:f0bUe5XB4e0XfOZeANuiEO0YaBWTatTUFQqzFSObb8:UT9Bu2IguiEYqgb8

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

gremabenj.duckdns.org:3110

Mutex

91724ed444764

Attributes
  • reg_key

    91724ed444764

  • splitter

    @!#&^%$

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • x5rcnYdSS63I.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections