General

  • Target

    CHEAT.exe

  • Size

    41KB

  • MD5

    6f88ab6934ad767e5b629eaa0ab8491e

  • SHA1

    f6317ae4e847db719fedb7443b7b5dbb313852af

  • SHA256

    6e4717582d46a48d92e0fd8487ce3bbba7d2a8ed1024c4c058e5808e4074a299

  • SHA512

    21109a4cc8d5bc02a8bc6cbce73c38068be81e98fb682ff8d58f0b4087a72c787f387e224534e2a547ac632a3f1770f103e69629ca47a02456eb1f10af9aafa6

  • SSDEEP

    768:4oazfPhF11Qhim4ainjIfMlS8/3BXS+Ccrz/bnj4UTU:uzfP8hij5nMc/A+CcXDnMf

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7.3

Botnet

njRAT

C2

7.tcp.eu.ngrok.io:16922

Mutex

dllhost.exe

Attributes
  • reg_key

    dllhost.exe

  • splitter

    Y262SUCZ4UJJ

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • CHEAT.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections