General
-
Target
ac4ed71ff3de39c6947dbafbb65c79d6.bin
-
Size
34KB
-
MD5
9db90d12d6465bbfb3e35921789a57a6
-
SHA1
09dc03eb25752edaea5ccf18f47a576916e86175
-
SHA256
3ed27cdad1908b799daed78c3365950f907c5bee3acd31f1e89a121f8f3db831
-
SHA512
4e8f7352a1c661bb3d8fa43108d2c531bb6fbda020ebd64c4b9350824c33a1782644ce595b919cc0b6fbf50d50cab069ec88ea19895523e861c791ed9f559b50
-
SSDEEP
768:LzI33CrfngJ2e3PQjbBze/y6D4SiL2mi1I6SOL3Js5Ya:nZraPmbROXk7L2BNSMGR
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
network
C2
hakim32.ddns.net:2000
toys-bouquet.gl.at.ply.gg:5631
Mutex
d9ccae37ebf9879e0cbeb3e659c94941
Attributes
-
reg_key
d9ccae37ebf9879e0cbeb3e659c94941
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
ac4ed71ff3de39c6947dbafbb65c79d6.bin
Password: infected
-
9047ddcbf9543f15012a46ccbd905d8d967e475487148babd38ca3e0cca33da2.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections