General
-
Target
39e24a60d26ab95db5338e49f677893d074f8790af929897432208687d173515
-
Size
43KB
-
MD5
64ebd2e852bb60154dc7fe0a2c79471d
-
SHA1
26b4b09eb1f54e691ef4690a68a7ae3c6b7da32a
-
SHA256
39e24a60d26ab95db5338e49f677893d074f8790af929897432208687d173515
-
SHA512
e71fc15d5b4ec7ca005372d174358dad32f1d635242e779e899f1cad5072877d6d0142a8608b90f6c1595d59c62a4c488ae7ba2b461a25f64134db21407ca383
-
SSDEEP
384:2ZyLxziyCEFmVoybfjUVnCAUMh8DMghu19D9O5UE5QzwBlpJNakkjh/TzF7pWnRz:sIziyVAVlbbYHiggzvQO+kP+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
Nikitka
C2
quart.ddns.net:1177
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
39e24a60d26ab95db5338e49f677893d074f8790af929897432208687d173515
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections