General

  • Target

    a72ddd0f47a665c08aba89432b4ae9ea.bin

  • Size

    30KB

  • MD5

    b97b62946ce9270eb4a3495dc976654f

  • SHA1

    69339dc310869cb5de8cd483abf516182d617b5d

  • SHA256

    2164b8d82cdde6626c909eade0d248101af7b0e03511aceafe8eece6f0ea1181

  • SHA512

    74ddc5e2bdfd55ee3c99bf3eb0b24d66a3b58f4fc5086b94d46f8e7d2f54b1baa2295497689bd4658ffac67ce0ef2b017ffb6c93f316ecbc972d669b2d20acf1

  • SSDEEP

    768:kY7ol26Adptsbd5d/vZtc0fX5AKH6xmZsxJRcOS5/:kYcywbd5d/HcGHH4RcOg/

Score
10/10

Malware Config

Extracted

Family

njrat

Version

Platinum

Botnet

HacKed

C2

127.0.0.1:3442

Mutex

System.exe

Attributes
  • reg_key

    System.exe

  • splitter

    |Ghost|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • a72ddd0f47a665c08aba89432b4ae9ea.bin
    .zip

    Password: infected

  • df000e309b7f6e6645a8f6e5b63604d5b81e4ec4a63002f00e4b20eb79ccd79b.exe
    .exe windows:4 windows x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

