General
-
Target
aeeb2199f2731322a9aa7b34ef844b2b.bin
-
Size
34KB
-
MD5
8782e1d3006c6ca9451aa04c7b9a9679
-
SHA1
13bd39dfdf539f3524c670f9f1ab7fb6aa126676
-
SHA256
bb7a3ebf602f7ac7f531959e527aee53d1c14f811385bb738dde9b1b916fdb73
-
SHA512
2ef086e3d2ffa5abbc9acf64ac0220f05dcc3e7fa90f394c436dabe777c16ef7cd3f5e1da364b0fb36f3fd47d9c7a14f42bb8e0fe9454ee66721ad5263eb416f
-
SSDEEP
768:8OkGWwgwgo4dc5N50QL0eYP8Smp2en9Cd5Ic8jcph:8OkGFFIcFfYP8Sm4W4UQ
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
vaul
C2
hakim32.ddns.net:2000
37.139.52.72:5555
Mutex
e525d56a6e014dc3c20af34a65dfb87b
Attributes
-
reg_key
e525d56a6e014dc3c20af34a65dfb87b
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
aeeb2199f2731322a9aa7b34ef844b2b.bin
Password: infected
-
56f78326b4f5a623539a1d12719e35a45eb4e761b2fa104688ed39b176fd51d1.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections