General

  • Target

    3e6490b6eb085e505899ab2c4839c71ba837220ea0e6641181103596d2d1ee79

  • Size

    31KB

  • MD5

    c95676d729b7f8f4a2562f981b485982

  • SHA1

    c649619f0216b4900fd34256a3f52428cf9f8607

  • SHA256

    3e6490b6eb085e505899ab2c4839c71ba837220ea0e6641181103596d2d1ee79

  • SHA512

    6744528acfe0819c23c27d65976be714edc5edd8479450d2ff20b42bb9e98cbd1187d90bf3add508c4067fcc8a95036fe8b33e157e75d857bf6f05ee5a41144d

  • SSDEEP

    768:CDorDp8pdvXyzx9uFwna/5nW3TvaQQmIDUu0tikHj:fw68nQb7QVkzj

Score
10/10

Malware Config

Extracted

  • Family

    njrat

  • Version

    0.7d

  • Botnet

    admin

  • C2

    192.168.1.1:5552

  • Mutex

    440cf638e96f82c6af5b457dde8e97f6

Attributes
  • reg_key

    440cf638e96f82c6af5b457dde8e97f6

  • splitter

    Y262SUCZ4UJJ

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3e6490b6eb085e505899ab2c4839c71ba837220ea0e6641181103596d2d1ee79
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

