General
-
Target
1F1271C5231CBF3607551EDFA424692B.exe
-
Size
23KB
-
MD5
1f1271c5231cbf3607551edfa424692b
-
SHA1
72d7699269fe9d089177a2cdb653d54737a87539
-
SHA256
d22ce6ecc2f98d7507f41b3e43af3b08e8aad02f3cc7740bc77812931c3f7ab1
-
SHA512
c25be7597f0d6c929eac577a7ca458512e88f3046f318d50624d75abb9febb140ebd92637bda6e202f4689ed38c0618f3c0f0f27168d632bdfc648d073ac0bb7
-
SSDEEP
384:5luBPiZCMfdfSJrQbsLRGSIxYVL46pg/i8BD9FmRvR6JZlbw8hqIusZzZZJQN:OOmhtI+RpcnuBN
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
0.tcp.ap.ngrok.io:17648
Mutex
793ae16d5475d442620d0296f46b356e
Attributes
-
reg_key
793ae16d5475d442620d0296f46b356e
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1F1271C5231CBF3607551EDFA424692B.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections