General
-
Target
NEAS.05efb3295ab46c71a4f406446432b810.exe
-
Size
43KB
-
MD5
05efb3295ab46c71a4f406446432b810
-
SHA1
3d0df7c236bd314c293144601224dc96a5a879a4
-
SHA256
666ab77ce61bdb85f38e2031857cec512049574d79b20ddd8c28fd1cbe293a4f
-
SHA512
7cad3e0de4bf3fbc1ed1c345710aeb1fd64d967a4344845f7c33c24792cad660aa79fbde96c22f9223d6ac70e1be32f99db57b2136ae3208c1f4610dc77fbbb3
-
SSDEEP
384:TZyrABS0lwZmoy7utsMuMEhx+DEaXzoIij+ZsNO3PlpJKkkjh/TzF7pWny/greTn:dDFGol7As7KDzuXQ/oX/+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
HacKed
C2
127.0.0.1:6721
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
NEAS.05efb3295ab46c71a4f406446432b810.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections