General
-
Target
68ba6d9812051a668115149f195b1956.bin
-
Size
10KB
-
MD5
fa1f9111833d348bd6213bbc3fee390e
-
SHA1
7fe1c3aebb917b45c05b15cadac342f282f55a64
-
SHA256
6cbfde0f357cbe22a59dd22434ae818740fc661cdcdcbf642a062dd0183b95a4
-
SHA512
b45c5a5f32cb9f3f9114d0692f0e972a9816f0cf4483d2f08878a3a4093c7e25d4c2d07777a0b19893a9131bccb1ade4e4e4701603e0ffad534c99e4d9f0776c
-
SSDEEP
192:awApgaE8EToKiC4VjlOzeb4AH9UxJpLFrF3tj7vGS0zgjgP8Pmrx1ooU5WNb1l4g:awkBEddR4hUeb4A0X9FR7HT0P8Pm9YG7
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7NC
Botnet
NYAN CAT
C2
1.tcp.sa.ngrok.io:21422
Mutex
13043955940
Attributes
-
reg_key
13043955940
-
splitter
@!#&^%$
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
68ba6d9812051a668115149f195b1956.bin
Password: infected
-
9877fc613035d533feda6adc6848e183bf8c8660de3a34b1acd73c75e62e2823.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections