General
-
Target
b97e658d63cf0a96c8359a913942fc78.exe
-
Size
23KB
-
MD5
b97e658d63cf0a96c8359a913942fc78
-
SHA1
fe5640e69cd92cf44dac58999ecaa5cb8dade0e3
-
SHA256
6b14da96e2c5a40d29b909c8567b14486339b206ae24dfbc4c505c4efa5860ce
-
SHA512
ef6f82f9ea67e005376fd36e56d81243ed312132013ea6fecc387095344007ad87528c017d33318d6c88e817d2b11b0cc798dcce101746ce2d895bfd951bd348
-
SSDEEP
384:oluBPiZCMfdfSJrQbsLRGSIxYVL46pg/i8BD9FmRvR6JZlbw8hqIusZzZx1:XOmhtI+Rpcnu0
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
0.tcp.ap.ngrok.io:17689
Mutex
3f2446930b19ae6533a08c5a2747464b
Attributes
-
reg_key
3f2446930b19ae6533a08c5a2747464b
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
b97e658d63cf0a96c8359a913942fc78.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections