General

  • Target

    0f881e4492e3d320aeb6758a482dd48d.exe

  • Size

    93KB

  • MD5

    0f881e4492e3d320aeb6758a482dd48d

  • SHA1

    4cb5325df52f37d3f56339cf63b1774689a45caa

  • SHA256

    3b911eac4683ba40627e7bebc0c3f589af3a257656f8fd9fb268d6189bc0f22b

  • SHA512

    ed135a9e2c285f2c1e0aa46c0e4386f31e69f4d3823c91f932d44238775d81730be4263022edd9f3dd12b16e8f40a3eac6e675ba4b2962dcf34034640192c7ad

  • SSDEEP

    1536:0QzGER1tMnnwlOU5CVYFjEwzGi1dDRDEgS:0Q/MnnwlOUAVYyi1d99

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

eblan

C2

hakim32.ddns.net:2000

2.tcp.eu.ngrok.io:15203

Mutex

aa77962ca866e530c543cbe15f77160b

Attributes
  • reg_key

    aa77962ca866e530c543cbe15f77160b

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0f881e4492e3d320aeb6758a482dd48d.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

