General
-
Target
bcddf14b096307edfbfdc92384539645.exe
-
Size
37KB
-
MD5
bcddf14b096307edfbfdc92384539645
-
SHA1
a5770520db5a464a2d1ec5fb9033391942ddf04c
-
SHA256
e5f25600b1e6483536bae239c5ff59e496fad54cd9ca1d82be94e26f27be5fa8
-
SHA512
18745ad93c7508bd025854edc346ced5069f078420a9874f27f16bc3eb0f0ec507b669799893bf79bfbf0635d139354686fbc8bde429574f6190a6897257b97b
-
SSDEEP
384:Uwxb7LsikZ9zNf/1uyU71evdjsOafMrAF+rMRTyN/0L+EcoinblneHQM3epzXCYx:Xxf4l1lU71e9FakrM+rMRa8NusYTt
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
12335452
C2
5.tcp.eu.ngrok.io:19026:6735
Mutex
43f790e6cbf1ad7d860172b021a05925
Attributes
-
reg_key
43f790e6cbf1ad7d860172b021a05925
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
bcddf14b096307edfbfdc92384539645.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections