General

  • Target

    NEAS.8fd8e85a8db28bf9cb98d339b6516e57bin_JC.zip

  • Size

    13KB

  • MD5

    42972448d19eb6bc05c689f47fc38335

  • SHA1

    8e08f3a047f32738afcc134bd670aa8957ca037d

  • SHA256

    d36eb842d2d6e0af011bd7cd8963628734f983b9d73944c24ee25c23ef65dc3b

  • SHA512

    adc015765e363b1b92ff9677b1fec81faef3db673a53a4054f687591bd934191516a4912e0f7be8ce2ff57fdfb32e03d4dcd8cd03adab925e286772b990d7650

  • SSDEEP

    384:Wf2i6xJpg+s2vicUxuK3itS44nShN/HNpsraDmqcpOk:hhxJpgLv3itS4WSDPNaGBk

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.6.4

Botnet

56307

C2

keep-carbon.gl.at.ply.gg:56307

Mutex

ba4c12bee3027d94da5c81db2d196bfd

Attributes
  • reg_key

    ba4c12bee3027d94da5c81db2d196bfd

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • NEAS.8fd8e85a8db28bf9cb98d339b6516e57bin_JC.zip
    .zip

    Password: infected

  • d292286a614b1c35f42ea04335bab20018d7f5e67451fcf653facef327a8721a.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

